A district council in eastern Germany has declared a disaster after its computer systems were paralyzed by a hacker attack in what the federal cybersecurity watchdog confirmed was the country’s first-ever “cyber-catastrophe.”
Hackers knocked out the IT operations of the municipality of Anhalt-Bitterfeld, in the state of Saxony-Anhalt, on Tuesday, July 6, a spokesperson confirmed on Saturday, July 10.
“We are almost completely paralyzed,” the spokesperson said, adding its offices would probably remain offline next week and giving no indication of when services would resume.
The municipality declined comment on the identity of the attacker or whether they had made a ransom demand, citing a police investigation. Security sources say German local governments often run outdated and poorly maintained software systems that could be wide open to cyberattack.
The rural district of Anhalt-Bitterfeld, with a population of 157,000, is for the time being unable to pay out welfare benefits. Its consequent catastrophe declaration is a formal step that allows it to call for federal help.
The cyberattack is the latest in a series of incidents targeting public infrastructure, including the recent takedown of the US Colonial Pipeline, while extortionists have also targeted widely-used IT applications with ransomware attacks.
Germany’s BSI cybersecurity agency said it had sent a crisis team to Anhalt-Bitterfeld. A spokesperson said that, although other local authorities had been the victim of cyberattacks, none had declared a catastrophe as a result.
Just yesterday, July 9, the World Economic Forum (WEF) held a “cyber-attack simulation” which pretended there has been a massive cyber-attack upon the global supply chain. It brought together elements from the worlds largest corporations, banks, government at federal and state levels, and even intelligence agencies like CIA, to deal with the “simulated attack” in real time, and learn form each other as to how such things can be dealt with.
THere was widespread speculation that this “exercise” might turn into the real thing because after a similar exercise which “simulated a bio-attack” COVID-19 suddenly appeared across the world, creating havoc. That was scoffed-off as being just a coincidence.
Is today’s “cyber-catastrophe” in Germany the beginning of another such “coincidence?”