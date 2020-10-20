It was a hacker attack that made headlines nationwide: In September, strangers had encrypted 30 servers at the University Hospital in Düsseldorf and sent a blackmail letter. However, this was addressed to the university. When the police informed the hackers that they had caught a hospital, they sent the key to unlock the systems. But it took 13 days before the emergency room could be accessed again by the emergency services. A woman who instead had to be referred to a Wuppertal hospital died.

Such alarming cases show the magnitude of the threat posed by hacker attacks. The cybersecurity situation is “tense at a very high level,” says Arne Schönbohm. He is president of the Federal Office for Information Security (BSI) – the federal cybersecurity authority – and presented the current status report on Tuesday. Every day, according to Schönbohm, the number of malicious programs in the network has grown by an average of 320,000. Hackers use them to infiltrate computers, steal data, or encrypt servers.

The “King of Malware”

The pandemic is an additional challenge for IT security. Not just because more people are in the home office. “Corona has shown how flexible cyber criminals are,” said Schönbohm. For example, they faked websites to apply for emergency aid for companies and used the tapped data to then apply for help themselves.

The BSI’s headache is the “Emotet” malware, which has been increasingly used for cyber attacks again since September 2019. “Emotet” is considered the “king of malware”. The occurrence of the Trojan marks a change in method: “Whereas previously untargeted mass attacks on randomly hit targets were the method of choice, malware attacks are now becoming more intelligent and – through a cleverly combined use of various malware – more targeted,” write the cybersecurity experts. After a successful infection of a computer system, “Emotet” loads further malicious programs with which the user can spy on, copy his data and take control of the computer. If the victim appears to be solvent, the attackers can encrypt all systems in the last step and demand a ransom. “The damaging effect of this approach is immense,” says the report.

More profit from cybercrime than from drugs

Affected companies, authorities and scientific institutions might have to accept high costs for the restoration of systems or for production downtimes. Ransom demands in the eight-digit range were observed. “Organized crime earns more money with cybercrime than with drugs,” said Schönbohm.

How devastating such an attack can be was shown by the attack on the city administration of Neustadt am Rübenberge in Lower Saxony in September 2019, where parental allowance applications, building plans and much more were encrypted. According to the BSI, the administration of the city with 45,000 inhabitants could not offer individual services until the first quarter of 2020. Here too, “Emotet” served as a “door opener”. Presumably attached to an authentic-looking e-mail, the program had reached the city administration and infected it. The Berlin Superior Court was also the victim of an “Emotet” attack – with immense damage.

“Insufficiently secured or incorrectly configured databases”

In addition, between mid-2019 and mid-2020, the BSI again registered a particularly large number of reports on the theft of customer data. Well-known banks, medical practices and hospitals, universities and a car rental company were found to be affected.

Databases with highly sensitive medical data were also discovered freely accessible on the Internet. “Insufficiently secured or incorrectly configured databases were the cause of the data leakage,” says the BSI. In Germany alone, around 15,000 data records were publicly accessible between July and September 2019. This included patient names, dates of birth, examination appointments, treatment information and high-resolution x-rays.

In the opposition, the federal government is accused of “failure” in terms of IT security. “Germany is more insecure than ever in the digital area,” says Green Party Vice-President Konstantin von Notz. “Horst Seehofer and the Federal Ministry of the Interior do not deliver: The ‘IT Security Act 2.0’ that has been promised for years is still not in place.” Seehofer made it clear on Tuesday that the law will be introduced during this legislative period. But for many critics that comes too late.