Cyber attack on anhalt-bitterfeld: search for luck, opinion of the ccc

Cyber attack on Anhalt-Bitterfeld: Search for Luck, Opinion of the CCC

In the analysis of the cyber attack on the district of Anhalt-Bitterfeld, the forensics are still in full swing. Digital tracks are saved, clues to the tatter collected. Until there is secured findings, it may still take place according to the state criminal office. Last week, a malicious program had infiltrated the systems and laid on ice. To get help quickly, even the catastrophic case was proclaimed.

The district is now talking about a security chute. A weakness in the printing system of Windows could be an explanation in connection with a successful phishing attack – but it does not have to. Windows had warned in front of July and updates to last week. "But it could also be that the virus has landed already days before on the net", said Landrat Andy Grabner (CDU).

CCC: Deficits have long been available

The a cause is from the point of view of Manuel Atug from the Chaos Computer Club but not anyway. Problems with so-called ransomware and the deficits in the systems were not caused by night, said the IT security expert. That’s a long year’s, almost decades of process. Many municipalities were working with old software and hardware, which have not been updated for years.

The district of the district had been infected with Ransomware last week. Landrat Andy Grabner (CDU) had clearly told Wednesday that the district will not pay any claims. As a special hand, you do not let yourself be blackmailable. The exact high of the requested amount was initially unclear. Often such detachances have a six- or seven-digit high.

Data is already published

A few days ago, according to Chaos Computer Club 200 megabyte of the data from Anhalt-Bitterfeld has been published in a forum. For Manuel Atug, much of it speaks that this is a response to the cancellation of a loose payment. Atug suspects that it is confidential data. All that, the whole course, is quite typical.

Behind these attacks are mostly ransomware bands. "These are highly criminal band structures and not somehow optional thieves or hackers", said Atug. As a rule, you were previously your goals and examine if and how to take data. Whether this was in Anhalt-Bitterfeld so, will still show.

Create a small risk of residual risk

There are several security swallowing in municipal systems that were operated with poor IT security said atug. But that is also the case in all other industries. Companies and authorities should therefore actively integrate IT security from his point of view. In addition, an open error culture is important for all employees to be realized together with all employees.

But a hundred percent security is never available with a lot of pravention. "That’s like an airbag or brake. Normally, the rare exceptions do not work", Said Atug. "The brake also works in combination with an airbag and a strap better than without." With the right combination of measures, the security will be so high that the residual risk, which remains remains, is reasonable or acceptable.

Like this post? Please share to your friends:
Leave a Reply

;-) :| :x :twisted: :smile: :shock: :sad: :roll: :razz: :oops: :o :mrgreen: :lol: :idea: :grin: :evil: :cry: :cool: :arrow: :???: :?: :!: