It was a hacker attack that made headlines nationwide: in September, strangers had encrypted 30 servers at the University Hospital in Düsseldorf and sent a blackmail letter. However, this was addressed to the university. When the police informed the hackers that they had caught a hospital, they sent the key to unlock the systems. But it took 13 days for the emergency services to be available again for the emergency services. A woman who had to be referred to a hospital in Wuppertal instead died.
Such alarming cases demonstrate the magnitude of the threat of hacker attacks. The cyber security situation is “tense at a very high level,” says Arne Schönbohm. He chairs the Federal Office for Information Security (BSI) – the federal cybersecurity authority – and presented the current status report on Tuesday. According to Schönbohm, the number of malicious programs in the network is growing by an average of 320,000 every day. Hackers use them to infiltrate computers, steal data or encrypt servers.
The “king of malware”
The pandemic is an additional challenge for IT security. Not only because more people work from home. “Corona has shown how flexible cyber criminals are,” said Schönbohm. These forged websites requested companies for emergency assistance and used the tapped data to request help themselves.
BSI’s headache is the “Emotet” malware, which has been increasingly used for cyber-attacks since September 2019. “Emotet” is considered the “king of malware”. The Trojan’s appearance marks a change in method: “While previously untargeted mass attacks on randomly hit targets were the method of choice, malware attacks are now becoming more intelligent and – through cleverly combined use of different malicious programs – more targeted,” the report writes. cybersecurity experts. After successful infection of a computer system, “Emotet” loads further malicious programs that allow the user to spy on, copy his data and take control of the computer. If the victim appears to be solvent, the attackers can encrypt all systems in the last step and demand a ransom. “The damaging effect of this approach is enormous,” the report said.
More profit from cybercrime than from drugs
Involved companies, authorities and scientific institutions may have to accept high costs for system recovery or production downtime. Ransom requirements in the eight-digit range are adhered to. “Organized crime makes more money from cybercrime than from drugs,” says Schönbohm.
How devastating such an attack can be was shown by the attack on the city council of Neustadt am Rübenberge in Lower Saxony in September 2019, encrypting claims for parental benefits, building plans and much more. According to the BSI, the government of the 45,000-resident city could not offer individual services until the first quarter of 2020. Here too “Emotet” served as “door opener”. Supposedly attached to an authentic-looking email, the program had reached the city government and infected it. The Berlin Supreme Court was also the victim of an “Emotet” attack – with enormous damage.
“Inadequately secured or incorrectly configured databases”
In addition, between mid-2019 and mid-2020, the BSI again registered a particularly large number of reports about theft of customer data. Well-known banks, doctors’ practices and hospitals, universities and a car rental company were found to be affected.
Databases with highly sensitive medical data have also been freely accessible on the internet. “Inadequately secured or misconfigured databases were the cause of the data breach,” said the BSI. In Germany alone, about 15,000 data records were publicly accessible between July and September 2019. This included patient names, dates of birth, study appointments, treatment information, and high-resolution X-rays.
In the opposition, the federal government is accused of “failing” in IT security. “Germany is more uncertain than ever in the digital field,” said Konstantin von Notz, Green Party vice president. “Horst Seehofer and the Federal Ministry of the Interior are not delivering: the ‘IT Security Act 2.0’ promised for years is still not in force.” Seehofer made it clear on Tuesday that the law will be introduced in this parliamentary term. But for many critics that is too late.