23-Jun-2022
The attack was on the IT service provider of the energy suppliers - according to the Hessian Ministry of the Interior, the hacker attack was a ransomware attack. The ministry does not want to say how high the demanded ransom is in this case because of the ongoing investigations. And the incident has so far ended smoothly: Both the city's critical infrastructure and customer data are currently unaffected by the attack. However, there have been increased delays in bus services because not all IT systems are running properly again. Such incidents are not an isolated case. It was only in the fall of 2021 that Stadtwerke Wismar was targeted by cybercriminals. After a cyber attack, employees could no longer access company data. Although the energy supply was ensured at all times, the IT systems of the municipal utility were in emergency operation until the turn of the year.
Critical infrastructures (CRITIS), i.e. system-relevant companies and organizations, are increasingly becoming victims of hacker attacks. "Cyber attacks are almost the order of the day for CRITIS operators in all sectors," was also the verdict of the Federal Office for Information Security (BSI) in its report on the "Situation of IT Security in Germany 2021." And the BKA situation report "Cybercrime 2021" also confirms that attackers primarily targeted CRITIS and public authorities last year. The reason for this is the enormous relevance of CRITIS for the state. A successful attack can have fatal consequences for the affected organization and the civilian population. This makes them particularly vulnerable to blackmail.
Damage from ransomware on the rise
Increasingly, these attacks are ransomware attacks ¬- in which data is encrypted and often stolen, with subsequent ransom demands. The number of such extortion attacks continued to increase in 2021, according to the BKA. And the annual damage caused by ransomware has risen rapidly in recent years: from 5.3 billion euros (2019) to about 24.3 billion euros (2021). Per attack, the damage has increased by 21% on average.
At the same time, phishing is becoming more and more professionalized. Employees of a company hardly recognize such emails anymore. The fake e-mails are often used to put targeted pressure on employees by threatening them with deadlines and fines. Phishing was one of the main entry vectors for malware in 2021 - including ransomware. Due to the attackers' clever methods, antivirus programs and firewalls are no longer sufficient.
Protection through digital quarantine
The best protection is offered by a virtual browser. This prevents external access by hackers. The R&S®Browser in the Box from Rohde & Schwarz Cybersecurity creates a "digital" quarantine. It enables the separation of intranet and Internet at the network level as well as isolation at the computer level. Encryption of end devices, a highly secure VPN connection and protection of the home WLAN can also protect against attacks.
Press & media contact
Uwe GreunkeResponsible for Marketing, Division Networks & Cybersecurity
uwe.greunke@rohde-schwarz.com
Rohde & Schwarz
Rohde & Schwarz is striving for a safer and connected world with its Test & Measurement, Technology Systems and Networks & Cybersecurity Divisions. For 90 years, the global technology group has pushed technical boundaries with developments in cutting-edge technologies. The company's leading-edge products and solutions empower industrial, regulatory and government customers to attain technological and digital sovereignty. The privately owned, Munich based company can act independently, long-term and sustainably. Rohde & Schwarz generated net revenue of EUR 2.78 billion in the 2022/2023 fiscal year (July to June). On June 30, 2023, Rohde & Schwarz had around 13,800 employees worldwide.
R&S® is a registered trademark of Rohde & Schwarz GmbH & Co. KG.
Networks & Cybersecurity
With its subsidiaries LANCOM Systems, Rohde & Schwarz Cybersecurity, and Rohde & Schwarz SIT, the group has bundled its expertise in one division. Know-how that is needed to become the largest provider of network and cybersecurity technology for companies, public authorities, and organizations in Europe.
