A kindOn Tuesday, information about Covid-19 still dominated the Internet portal in the Anhalt-Bitterfeld district, but right next to it, the district administrator notified another virus, which was completely paralyzed Computer systems at all locations in his administration. “This incident has no direct danger to people’s lives and limbs,” it said there. However, the working capacity of the government and its 900 employees “is greatly restricted by the attack until further notice.” Inquiries can only be answered via telephone or fax, and communication via e-mail is not possible. Since July 5, the district government has not received any emails. Invoices must be “posted by letter”.
The reason was quickly clarified: this was a cyber attack, and criminals used computer viruses to block the information and data processing systems of institutions or companies-mainly to release them again for ransom. In fact, the State Criminal Police Agency of Saxony-Anhalt (LKA) announced on Tuesday that previously unknown assailants had reported to the district office and demanded a ransom. A spokesperson said that the authorities did not provide any information about the amount, but six-digit or seven-digit claims are not uncommon. According to investigators, the attackers used so-called ransomware to encrypt data and the payment may be revoked. However, according to LKA, there is no guarantee that everything will run as before.
A spokesperson said that the area immediately disconnected all critical systems from the network after the attack to prevent further data outflow, and declared a disaster. Since the weekend, IT experts from federal and state authorities have been analyzing what kind of virus it is and how to effectively combat it. In addition, reconstruction of the IT infrastructure is underway so that the approximately 160,000 residents between Halle and Magdeburg can be acted upon again as soon as possible. The spokesperson said: “Welfare recipients can pay their alimony advance payments when they get their money. This is of course very important.” In addition, there is a contact with other regional administrations that can provide temporary services.
Attacks almost every day
According to the German Cyber Security Organization (DCSO), this is a network created by Allianz, Bayer, BASF and Volkswagen to defend against cyber attacks. Ransomware attacks occur almost every day. Dror-John Roecher of FAZ’s DCSO said that behind this is organized cybercrime. “These attacks are not carried out by individual perpetrators.” On the contrary, the attackers are based on a division of labor. Some specialize in network penetration, while others specialize in selling access to compromised companies. “We generally advise against paying the ransom unless it is done after close consultation with law enforcement authorities,” Rocher said. Even without 100% protection, tried and tested backup and recovery procedures and continuous software and system updates can minimize the possibility of cyber attacks.
Gerd Landsberg, CEO of the German Association of Cities and Towns, said that hacking of local governments is a recurring problem. Hackers tried to attack municipal facilities across Germany, including public facilities. It is vital that the management’s IT systems and security precautions must be kept up-to-date at all times. The left in the Saxony-Anhalt state parliament called for the attack to be handled in the parliament.
