Hacker wants ransom in cyberattack against IT service provider
One week after a hacker attack on the service provider Südwestfalen-IT, investigators have confirmed the use of ransomware. This so-called ransomware was used with the aim of obtaining a ransom, the police in Dortmund announced on Monday, citing the Central and Contact Point Cybercrime (ZAC) at the Cologne public prosecutor's office. "There is currently no contact with the perpetrator group."
The service provider Südwestfalen-IT (SIT/Hemer) was attacked a week ago. As a result, the service and operation of several municipal administrations in NRW has been restricted since then. The 72 local authorities affected are working on alternative solutions, with some reporting an increased reliance on paper documents.
For example, the district of Siegen-Wittgenstein, the Sauerland town of Lüdenscheid and the Bergisch municipality of Leichlingen reportedly use emergency homepages. Some services are possible, others have restrictions or citizens have to be patient, reported other affected parties such as the district of Soest. Some also referred to telephone or personal contact channels.
A ZAC spokesperson recently reported that the southern and eastern parts of North Rhine-Westphalia were particularly affected - with varying effects depending on the scope of the SIT services used.
So far, there had only been talk of ransomware from the SIT side; investigators had not yet commented on this. The IT service provider is now also using external help and is in contact with other network partners such as the Federal Office for Information Security (BSI), according to the Dortmund police.
The cyberattack has disrupted the digital services of several municipalities in North Rhine-Westphalia, forcing them to rely on alternative solutions such as paper documents and emergency homepages. Despite the efforts of investigators, there's currently no contact with the perpetrator group responsible for this ransomware attack, which highlighted the vulnerability of municipalities' digital infrastructure to cybercrime.
Source: www.dpa.com
