The cyber attack on the University of Duisburg-Essen (UDE) in November last year was apparently carried out by the Cybergang Vice Society. The criminal masterminds have now published the encrypted and captured data on the Darknet. Meanwhile, the University of Innsbruck reports that it successfully fended off a cyber attack over the weekend.
University of Duisburg-Essen: No ransom paid
The University of Duisburg-Essen did not engage in digital blackmail, as recommended by the Federal Criminal Police Office (BKA) and the Federal Office for Information Security (BSI). Therefore, the UDE did not comply with the attackers’ demands and did not pay a ransom. As the UDE itself reports, the cybercriminals have now published data on the dark web.
The Cybergang Vice Society, which attacked the University of Duisburg-Essen, published the captured data on the Darknet because the ransom was not paid.
After Assessment by the University of Duisburg-Essen Only a small part of the data got into the hands of the criminal organization, as the entire IT was shut down and disconnected from the network immediately after the attack was discovered. Since the IT security measures follow the standards and the IT baseline protection methodology of the BSI, this shows “once again the highly professional approach and the criminal energy of the organization”, since “the attackers still managed to extract data and make ransom demands”.
With regard to the published data, the UDE states that it has been “in close contact with the responsible security and investigative authorities since the attack”. “In coordination with the data protection authorities, all necessary steps are being taken to keep the impact of the published data as low as possible. The published data is currently being evaluated. If persons or institutions are affected by a data publication, they will be informed as soon as possible”, the university discusses further.
University of Innsbruck: Cyber attack repelled
As the University of Innsbruck now announcedthere was an attempt at the weekend “to attack our university’s IT infrastructure. Our experts at the ZID quickly recognized the incident and took appropriate precautions to prevent it. All members of the university are now being asked to change their passwords to be on the safe side”.
Citing the university, media reports that no data was stolen or encrypted in the cyber attack. There was also no attempt at blackmail. A university spokesman said that no major damage should have occurred. The data protection authority should be informed about the incident and a report made to the police.
(dmk)
