Cyber attacks: IT paralyzed, operations partially restricted

In the past few days, there have been several high-profile ransomware attacks. The University of Duisburg-Essen, the Austrian news agency APA and the Klinikum Lippe are affected.


The University of Duisburg-Essen, the Austrian news agency APA and the Klinikum Lippe defy their attackers: Operations continue – sometimes with restrictions – and investigations into the incidents are ongoing. In all three cases there is (at least publicly) no indication of the perpetrators. However, the modus operandi and the confirmed effects point to a currently operating ransomware gang.


Case 1: University of Duisburg-Essen

After a cyber attack last weekend, the system managers at the North Rhine-Westphalian university had to shut down the entire IT system at the facility to get an idea of the damage done. “After an initial inventory, all Microsoft Office applications, internal administration systems and e-mail traffic are affected. The telephone system is also out of order,” said the staff unit of the University Management & Communication Rectorate, Press Department, on Monday on the university website with.

According to an initial analysis, the hackers penetrated the internal systems over the weekend, encrypted large parts and then demanded a ransom. The university management then informed the responsible security authorities and lodged a complaint. According to the statement, external specialists should also be consulted.

Students are currently being taught in person, but have to be patient with administrative questions about their studies. Those responsible cannot yet estimate when the services will be fully available again.


Case 2: Austria Press Agency (APA)

Also last weekend – on Saturday, November 26, 2022 to be precise – the IT systems of the Austrian news agency APA fell victim to a cyber attack. The affected areas were immediately isolated and safe recovery initiated. According to a public statement by APA, the production of news and the operation of customer systems not affected at any time. No information can currently be given about the damage caused – according to APA, the incident was reported and the investigation is ongoing.

“As a company, we are prepared for such a scenario and immediately set up the APA crisis management team and a team of experts with internal and external IT and forensic specialists who are investigating the incident and are working flat out to fix it. As an immediate measure, the affected systems have been isolated and safe recovery initiated.” (APA Management)

Case 3: Klinikum Lippe

At the beginning of last week, Klinikum Lippe reported a partial failure on a status page of the IT systems at all three of its locations as a result of a massive hacker attack. According to the statement, the attack was “noticed by the hospital’s surveillance systems and IT and accompanied by defensive measures together with external specialists from the State Criminal Police Office”.

The hospital’s IT department is currently still working on setting up all the systems from scratch. All three locations of the clinic in Detmold, Lemgo and Bad Salzuflen can therefore only be reached by telephone and fax until further notice. Internal IT systems are available or, as in the case of ordering food, have been converted to the formerly analogue form. The care of patients in the hospital and emergency patients is therefore guaranteed – IT paralyzed, operations partially restricted.