Cyber attacks: IT paralyzed, operations partially restricted

In the past few days, there have been several high-profile ransomware attacks. The University of Duisburg-Essen, the Austrian news agency APA and the Klinikum Lippe are affected.

The University of Duisburg-Essen, the Austrian news agency APA and the Klinikum Lippe defy their attackers: Operations continue – sometimes with restrictions – and investigations into the incidents are ongoing. In all three cases there is (at least publicly) no indication of the perpetrators. However, the modus operandi and the confirmed effects point to a currently operating ransomware gang.

Case 1: University of Duisburg-Essen

After a cyber attack last weekend, the system managers at the North Rhine-Westphalian university had to shut down the entire IT system at the facility to get an idea of the damage done. “After an initial inventory, all Microsoft Office applications, internal administration systems and e-mail traffic are affected. The telephone system is also out of order,” said the staff unit of the University Management & Communication Rectorate, Press Department, on Monday public statement by APA, the production of news and the operation of customer systems not affected at any time. No information can currently be given about the damage caused – according to APA, the incident was reported and the investigation is ongoing.

“As a company, we are prepared for such a scenario and immediately set up the APA crisis management team and a team of experts with internal and external IT and forensic specialists who are investigating the incident and are working flat out to fix it. As an immediate measure, the affected systems have been isolated and safe recovery initiated.” (APA Management)

Case 3: Klinikum Lippe

At the beginning of last week, Klinikum Lippe reported a partial failure on a status page of the IT systems at all three of its locations as a result of a massive hacker attack. According to the statement, the attack was “noticed by the hospital’s surveillance systems and IT and accompanied by defensive measures together with external specialists from the State Criminal Police Office”.

The hospital’s IT department is currently still working on setting up all the systems from scratch. All three locations of the clinic in Detmold, Lemgo and Bad Salzuflen can therefore only be reached by telephone and fax until further notice. Internal IT systems are available or, as in the case of ordering food, have been converted to the formerly analogue form. The care of patients in the hospital and emergency patients is therefore guaranteed.