Cyber ​​attack on Anhalt-Bitterfeld: the district continues to be unspressible

Cyber ​​attack on Anhalt-Bitterfeld: the district continues to be unspressible

The district of Anhalt-Bitterfeld, which was attacked with ransomware on July 6, continues to refuse to comply with the attackers’ demands. The blackmail ultimatum expired on July 26th, now the criminals could make sensitive data public at any time, some terabytes of data remain encrypted.

The ultimatum became public on July 13th. The extortionists are demanding a ransom, the amount of which was not disclosed by the responsible LKA. District Administrator Andy Grabner (CDU) had said from the start that no claim would be paid. It remains as the Southgerman newspaper reported.

One week after the attack, the criminals published personal data of 92 people on the Darknet, including cell phone numbers and bank details. 42 of those affected were members of the district council, reported the Spiegel. A request from heise online has not yet been answered from Anhalt-Bitterfeld.

Because of the severe infection with malware in his network, the administrative district had declared a disaster and the IT systems were shut down. Almost a thousand administrative employees could only work by telephone or fax and were no longer allowed to use their computers.

Salaries, social benefits, student loans would hardly be paid out at the end of the month without the data, motor vehicles could not be registered for weeks – a problem for the car trade, reports the Süddeutsche. The follow-up of those infected with corona among the 160,000 inhabitants was immediately ensured. Since August 3rd, for example, vehicles can be registered again in Anhalt-Bitterfeld.

The IT experts in Anhalt-Bitterfeld are currently trying to set up a new network for the administration with the help of the Bundeswehr. Most employees could probably be able to work normally again for the most part by the beginning of September. Five months could still pass before all employees could work normally again.

According to the report, the blackmailers are a group that has been active since May of this year and operates under the motto “Pay or Grief”. On the Darknet, Grief offers some of the data stolen from the county for download. Other victims of the group are a US private school in Texas, the city council of Thessaloniki and a French pump manufacturer. The Swiss comparison portal Comparis was also a grief victim and paid a ransom of 400,000 US dollars, reported the The New Zurich Times.

Cyber ​​attacks – mainly through ransomware – cause German companies EUR 220 billion in damage a year, the IT industry association Bitkom recently determined. The US government is apparently stepping up its efforts in the fight against this form of crime and is getting the private sector to do so. Heise-Verlag has also already been attacked, in spring 2019 with the help of the Emotet malware.


(anw)

Article Source