After the cyber attack on digital administration systems in the state capital, the police are looking for the perpetrators. At the same time, it is becoming increasingly clear how many areas in the town hall can now work to a limited extent. The PNN give an overview of the situation
What happened?
According to the city administration, there was a warning from the security authorities after Christmas that there was a serious threat to the municipal IT systems. As a result, they went offline on December 29 – to prevent damage. On Monday, the town hall also announced that a so-called brute force attack had also been detected on that day “as part of the monitoring” – i.e. an IT attack method on the systems. The next day, the three large municipal companies also went offline as a preventive measure.
What is a brute force attack?
In brute force attacks, attackers simply try all possible combinations of letters and numbers to guess user names or passwords. Digital tools can automatically enter such combinations at high speed. Systems that can be reached via the Internet are constantly being attacked in this way. Because this technique is not particularly elegant, this attack is also called “brute force”.
How often are cyber attacks registered?
More frequently. The Federal Office for Information Security (BSI) is observing an increase in cyber attacks in Germany, but municipalities and cities are not particularly the focus of attackers, according to a BSI spokeswoman: “Successful attacks, however, often have a direct impact on citizens and citizens.” As a rule, attackers are concerned with money: “By encrypting data by the perpetrators and then blackmailing them by offering to decrypt the data again, money is to be extorted,” says the BSI spokeswoman. It doesn’t seem to have happened in Potsdam.
However, politically motivated hackers may have other goals: “So far, there have been a number of minor incidents and hacktivism campaigns in Germany in connection with Russia’s war of aggression against Ukraine,” says the BSI website. Examples of this were the failure of remote maintenance in German wind turbines after an attack on a satellite communications company and an attack on German mineral oil dealers with a Russian parent company. According to the BSI, there has not yet been a comprehensive attack campaign against German targets.
In the past few days, suspected hacker attacks against lottery companies in several federal states – including Brandenburg – have also become known. Here, too, the website was shut down as a precaution. It was unclear on Tuesday whether there was a connection to the case in Potsdam. The police said they were aware “of a situation in connection with a current hacker attack on the Lotto Brandenburg system”.
Who is being investigated now?
That is unclear. For reasons of tactical investigation, the police headquarters and the State Criminal Police Office (LKA) did not provide any further information – not even on the PNN request as to whether professional gangs were assumed to be the group of perpetrators. A police spokeswoman said the investigations were based at the Cyber Competence Center of the LKA, which specializes in investigating information and communication crime. The suspicion of a brute force attack expressed by the town hall is being examined. In any case, the necessary measures had been taken, the spokeswoman said.
What problems are associated with the switched off Internet?
They are diverse. Above all, the more than 2,700 employees of the city administration cannot be reached by e-mail, and the Internet connection is offline for the time being. For example, citizens cannot make online appointments with the Citizens’ Service, nor can they register and de-register vehicles or order an express passport.
But there are other problems, for example with the housing benefit reform that has been in place since the beginning of the year. A city spokesman made it clear that new applications in this area “can only be processed finally” when the systems are online again. However, they are also working on alternative solutions, especially for social procedures.
Health monitoring is also disrupted. For example, no corona infections are currently reported on the city’s homepage. A city spokesman said on request that laboratories and doctors could not report anything to the health department at the moment. “When our systems and programs are connected to the outside world again, the transmission will take place again in the usual way.”
When is improvement in sight?
The municipal companies are to go back online step by step this week. For the town hall, the administration had promised on Monday that the systems would be gradually put back into operation from next week – if the necessary security checks were passed this week and “further precautions were taken in coordination with the security authorities,” so that City hall.
To home page
