Cybercriminals demand ransom in aftermath of hack on IT service provider
A week since a cyber attack on IT service provider Südwestfalen-IT, investigators have uncovered the use of sinister ransomware. The mission of this ransomware? To exact a payment, the Dortmund police declared on Monday, referencing intel from the Central and Contact Point Cybercrime (ZAC) at the Cologne public prosecutor's office. Negotiations with the perpetrators remain nonexistent at this moment.
The hack on Südwestfalen-IT (SIT/Hemer) occurred a week ago, limiting the service and operation of various municipal administrations in North Rhine-Westphalia (NRW). The 72 local governments affected are scrambling to find alternative solutions, with some grappling with increased reliance on paper documents.
The districts of Siegen-Wittgenstein, Lüdenscheid, and Leichlingen have turned to emergency websites, while other municipalities, such as Soest, have resorted to alternative channels like phone and in-person contact. Some services remain operational, albeit with limitations or extended wait times for citizens.
Reports confirm that the southern and eastern regions of NRW have been hit hardest by the attack, though the intensity varies depending on the scope of services utilized by each municipality. Initial news mentions of ransomware went unconfirmed by the investigators until now.
SIT is now seeking external help and collaborating with network partners like the Federal Office for Information Security (BSI), as per the Dortmund police.
The digital services of numerous municipalities in NRW have been disrupted by this ransomware attack, leaving them no choice but to turn to alternate solutions, revealing the vulnerability of municipalities' digital infrastructure against cybercrime.
It's worth noting that municipalities in North Rhine-Westphalia can take action to bolster their digital infrastructure resistance against ransomware attacks, including:
- Regular security audits, penetration tests, and incident response planning.
- Participation in smart city initiatives and digital transformation projects.
- Collaboration with local experts and regular employee training.
- Compliance with regulatory requirements like the European NIS2 Directive.
Implementing these measures can lead to significant improvements in a municipality's digital infrastructure resilience against ransomware attacks and other cyber threats.
