Municipalities - Progress after cyber attack on IT service provider
A good two months after a hacker attack on the service provider Südwestfalen-IT (SIT), which affected more than 70 local authorities in North Rhine-Westphalia, further progress has been made. A "rollout for prioritized procedures" has begun in the first municipalities, said SIT spokesman Marcus Ewald on Thursday in response to a dpa inquiry.
These prioritized procedures include the issuing of ID cards and passports as well as re-registrations. However, it is still a long way from these services working everywhere again. The situation varies - also in view of the many transitional solutions and parallel structures provided at great expense by local authorities.
SIT spokesperson Ewald said in Hemer that it was only possible to find out precisely which services the affected cities, districts and municipalities would be able to offer their citizens again and when.
Citizen services for around 1.7 million residents affected
Upon noticing the hacker attack, the service provider immediately shut down all systems on October 30. A hacker group called "Akira" is believed to be behind the attack. As a result, the citizen services of the municipalities with a total of around 1.7 million inhabitants were severely restricted or initially almost completely paralyzed - with some major differences in the type and extent of the impact.
SIT has now created the "conditions for basic operation of the prioritized specialist procedures" - whereby basic operation means that these procedures are restarted with "reduced functionality", explained spokesperson Ewald. This means that there will still be restrictions in terms of services, with the municipalities gradually putting them into operation over the next few weeks. He spoke of a "pilot operation", which includes the areas of finance, social services, registration and motor vehicle services as well as the registry office.
In some municipalities, a high workload has built up over the past two months, as the WDR also reported. As many requests could not be dealt with after the cyber attack, the citizens' office was expecting a high demand for appointments, a spokeswoman for the city of Lüdenscheid told Westdeutscher Rundfunk.
In many places, the homepages continue to indicate limited availability. Temporary solutions - such as for vehicle registrations in the district of Soest - are helping to bridge the gap.
What happens next?
Together with the municipalities, the service provider SIT has "prioritized a second wave of a total of 16 specialist procedures", reported spokesperson Ewald. The SIT experts are now working on a plan based on this, which is to be released together with the municipalities in mid-January 2024. "As soon as the internal tests and quality assurance with the municipalities have been successfully completed, the procedures - as in the first wave - will be gradually released for pilot operation in some municipalities."
A good sign is that there are no indications of data theft so far, Ewald emphasized. Neither the forensic analysis nor the observations of the darknet had shown any signs of this.
The experts are not yet able to say how long it will take to eliminate all the consequences of the attack: "Unfortunately, it is not yet possible to predict when normal operations will resume."
Read also:
- A clan member is punished here
- Traffic lawyer warns: Don't talk to the police!
- Will he be convicted as Jutta's murderer after 37 years?
- He also wanted to kill his cousin
Source: www.stern.de
