The computer systems no longer work, important data is encrypted. What the district of Anhalt-Bitterfeld had to experience is the horror scenario of many institutions. The designated coalition in Saxony-Anhalt, made up of the CDU, SPD and FDP, has now committed to the topic for the next five years. And some municipalities in the state – alarmed by the case at the beginning of July – checked their security standards and in some cases improved them.
Specifications of the BSI
For example, the existing measures in the Wittenberg district have been checked again, said a spokeswoman. “Here we have once again been able to significantly increase security in some places.” The district did not provide any information on specific measures. Pretty much all rural districts and cities try, according to their own statements, to comply with the security standards in accordance with the requirements of the Federal Office for Information Security (BSI).
According to the information, a new data center has been under construction in the Harz district since the end of the year. The Mansfeld-Südharz district and the Saale district, for example, also reported that employees were again made aware of the issue.
“There is still a lot to do for the digital world”
From the point of view of the Saxony-Anhalt Association of Cities and Municipalities, the municipalities are set up very differently when it comes to cybersecurity. Some have done what is currently “humanly possible”, said country manager Bernward Küper. “But most of them still have a lot to do to get into the digital world.”
That is why Küper expressly welcomed the plans of the designated state government. The alliance wants to be loud the draft for the coalition agreement (PDF file) Strive for a nationwide common data policy and thus ensure the security of all digital applications of the administration and the state. “We want to counter cybercrime resolutely and provide the necessary technical and human resources,” the 150-page paper continues. By September 10, the parties want to decide on the basis of the draft treaty whether they want to join the black-red-yellow coalition.
Underfunded public service at risk
In the past, attackers not only focused on public administration, but also banks, universities and hospitals. The cases are increasing nationwide. The state therefore last put together an investment program in July to increase data security in the clinics as well. In Saxony-Anhalt, the Harz Clinic and the Magdeburg Clinic were to receive funds. According to the state chancellery, 2.4 million euros would be available through the federal structural program II.
But are hospitals, municipalities or medium-sized companies specifically scouted out? Attackers also search publicly and specifically for a vulnerability, as Manuel Atug from the Chaos Computer Club says. There are certain industries and areas where they would rather target, such as hospitals or the public service. The public service is often underfunded, Atug continued. And of course, attackers would have an easy game if there was a high probability that money could be extorted.
No one hundred percent protection possible
A good one and a half weeks after the cyber attack, the Anhalt-Bitterfeld district categorically refused to pay a ransom. Previously, on July 6, several servers in the district were infected with so-called ransomware, which encrypts data. After a cash payment, the data should be released again. However, there is no guarantee that the data will be accessed again after the extortion fee has been paid.
From the point of view of experts, there is no one hundred percent protection. The best protection against attacks is a triad of prevention, detection and reaction, said Atug from the Chaos Computer Club. In addition to preventive measures such as regular backups, which are also saved offline, an open error culture must be lived with all employees. This gives you the opportunity to identify errors in your own system at an early stage. The administrators could then react and adapt the security standards – according to a clear plan, advises the IT security expert.