The old town of Bitterfeld in Saxony-Anhalt. (Photo: ArTono / Shutterstock)
The district of Anhalt-Bitterfeld declared a disaster on Friday afternoon because of a serious hacker attack on the network of its administration. “This attack has a direct impact on all areas of the district’s range of services and thus also affects the concerns of citizens, which cannot be dealt with at the moment,” it says. The disaster gives the district administrator the opportunity to make faster decisions and request help, said a spokesman for the dpa news agency.
The attack itself had already occurred earlier in the week. This is a ransomware attack in which files on the county government’s server were encrypted by the attackers. According to reports from the MDR, they are demanding a ransom to unlock the system. Apparently the experts have not yet succeeded in ridding the affected computers of the malware.
As was the case with the Mitteldeutsche Zeitung first reported, the attackers allegedly infiltrated through a security vulnerability called “PrintNightmare”. Just a few days ago, Microsoft used an emergency patch to plug the critical security hole in the Windows printer spooler service. Apparently it came too late for the district administration of Bitterfeld: Almost the entire system of the district has now been disconnected from the network in order to prevent data theft. The citizens of the district should report in the coming days either by phone or by post, says a spokesman. It is assumed that you will not be able to work fully in the coming week either.
Politicians call for mandatory reporting of ransomware attacks
“The situation is crappy, but not hopeless, “said Uwe Schulze (CDU), District Administrator of Anhalt-Bitterfeld, on Friday opposite the MDR. They are currently working with federal experts to decrypt the files concerned. In addition, the law enforcement authorities are involved. However, many services for citizens are currently idle; neither the vehicle registration office nor the social welfare and youth welfare offices can go about their work.
Only last week there was a large-scale hacker attack made headlines: An attack on the US IT service provider Kaseya has now damaged 800 to 1,500 companies worldwide, including the Swedish supermarket chain Coop. Here too, ransomware was installed in many cases. Behind it should be the hacker group REvil.
As research by the BR and Zeit Online recently revealed, there have been around 100 blackmail attempts at authorities using sheep software in the past six years alone, including the state parliaments of Saxony -Anhalt and Mecklenburg-Western Pomerania, at schools, police stations, universities and hospitals. Since there is currently no obligation to report ransomware attacks, politicians such as Left Party MP Anke Domscheit-Berg and Green Party politician Konstantin von Notz are calling for a clear strategy to deal with such attacks.
