Trojan attack on Funke media group continues – emergency issues at the kiosk

The cyber attack on the Funke media group is ongoing. Several systems are still not ready for use nationwide. The company announced that it was “an attack in which the perpetrators encrypted data on the Funke media group’s IT systems.” The exact background was initially unclear.

There were eight-page emergency issues of at the kiosks on Wednesday WAZ, Berliner Morgenpost or Hamburger Abendblatt. This was made possible thanks to an “enormous effort” by all employees, writes the company.

At the public prosecutor’s office, the Cybercrime Central and Contact Point (ZAC) took over the proceedings. Specialists from the State Office of Criminal Investigation investigate with a special organizational structure (BAO) of the Essen police.

“We are working flat out to fix the IT malfunction as quickly as possible,” said a Funke spokesman. The websites of the group’s newspaper titles were still accessible on Wednesday, and the printed copies appeared consistently as emergency editions. The actually paid content on the web can currently be read free of charge.

Funke announced on Wednesday afternoonthat the attack continues. On Christmas Eve, however, the company’s publications would appear at all locations with “a significantly larger volume, i.e. 16 to 20 pages”. The media company’s magazines should appear as planned, there have been no difficulties so far.

According to the company, numerous computer systems throughout Germany were affected by the attack on Tuesday, including the editorial offices and printing houses at all major locations in Bavaria, Berlin, Hamburg, Lower Saxony, North Rhine-Westphalia and Thuringia. The failure affects several central IT systems via which the various locations, editorial offices and printing plants of the Essen media company are connected.

The attackers used ransomware to encrypt data on the media group’s IT systems. These were shut down immediately in a controlled manner. According to its own information, the Funke media group was prepared for such a scenario and immediately set up a task force with internal and external IT and forensics experts. These are currently investigating the incident. Funke does not want to provide any further information for tactical reasons.

In May 2019, computers at Heise Verlag and the Heise Group were infected on a massive scale after a workstation computer was infected with Emotet (Heise media, to which c’t and heise online belong, were not affected). In spite of quick countermeasures, there was considerable property damage. (with material from the dpa) /


To home page