Skip to content

Progress after cyber attack on IT service provider

A good two months ago, criminals severely disrupted many administrations with a hacker attack on a municipal IT service provider. The local authorities laboriously created emergency solutions. Now there is another step forward.

Municipalities - Progress after cyber attack on IT service provider

A good two months after a hacker attack on the service provider Südwestfalen-IT (SIT), which affected more than 70 local authorities in North Rhine-Westphalia, further progress has been made. A "rollout for prioritized procedures" has begun in the first municipalities, said SIT spokesman Marcus Ewald on Thursday in response to a dpa inquiry.

These prioritized procedures include the issuing of ID cards and passports as well as re-registrations. However, it is still a long way from these services working everywhere again. The situation varies - also in view of the many transitional solutions and parallel structures provided at great expense by local authorities.

SIT spokesperson Ewald said in Hemer that it was only possible to find out precisely which services the affected cities, districts and municipalities would be able to offer their citizens again and when.

Citizen services for around 1.7 million residents affected

Upon noticing the hacker attack, the service provider immediately shut down all systems on October 30. A hacker group called "Akira" is believed to be behind the attack. As a result, the citizen services of the municipalities with a total of around 1.7 million inhabitants were severely restricted or initially almost completely paralyzed - with some major differences in the type and extent of the impact.

SIT has now created the "conditions for basic operation of the prioritized specialist procedures" - whereby basic operation means that these procedures are restarted with "reduced functionality", explained spokesperson Ewald. This means that there will still be restrictions in terms of services, with the municipalities gradually putting them into operation over the next few weeks. He spoke of a "pilot operation", which includes the areas of finance, social services, registration and motor vehicle services as well as the registry office.

In some municipalities, a high workload has built up over the past two months, as the WDR also reported. As many requests could not be dealt with after the cyber attack, the citizens' office was expecting a high demand for appointments, a spokeswoman for the city of Lüdenscheid told Westdeutscher Rundfunk.

In many places, the homepages continue to indicate limited availability. Temporary solutions - such as for vehicle registrations in the district of Soest - are helping to bridge the gap.

What happens next?

Together with the municipalities, the service provider SIT has "prioritized a second wave of a total of 16 specialist procedures", reported spokesperson Ewald. The SIT experts are now working on a plan based on this, which is to be released together with the municipalities in mid-January 2024. "As soon as the internal tests and quality assurance with the municipalities have been successfully completed, the procedures - as in the first wave - will be gradually released for pilot operation in some municipalities."

A good sign is that there are no indications of data theft so far, Ewald emphasized. Neither the forensic analysis nor the observations of the darknet had shown any signs of this.

The experts are not yet able to say how long it will take to eliminate all the consequences of the attack: "Unfortunately, it is not yet possible to predict when normal operations will resume."

Read also:

  1. Following the hacker attack on Südwestfalen-IT, which impacted over 70 municipalities in North Rhine-Westphalia, criminality in the realm of cyber attacks continues to pose a significant challenge to Germany's digital infrastructure.
  2. The progress made after the attack on the IT service provider has prompted discussions on strengthening cybersecurity in the municipalities of South Westphalia, with a focus on enhancing their resilience against such future cyber attacks.
  3. Despite the progress, the consequences of the hacker attack on the services offered by these municipalities are still being felt, as some areas like finance, social services, and vehicle registrations are still operating with reduced functionality.
  4. In light of the cyber attack, municipalities are actively collaborating with IT service providers to prioritize a second wave of specialist procedures, with the aim of implementing these procedures gradually and addressing the remaining challenges due to the attack.
  5. Efforts to combat cybercrime and enhance cybersecurity are not just limited to the municipalities or North Rhine-Westphalia; they are a national concern in Germany, with criminal organizations continuously looking for ways to exploit vulnerabilities in the digital world.

Source: www.stern.de

Comments

Latest

Grave accusations levied against JVA staff members in Bavaria

Grave accusations levied against JVA staff members in Bavaria

Grave accusations levied against JVA staff members in Bavaria The Augsburg District Attorney's Office is currently investigating several staff members of the Augsburg-Gablingen prison (JVA) on allegations of severe prisoner mistreatment. The focus of the investigation is on claims of bodily harm in the workplace. It's

Members Public