Cyber Attack on the City Rodgau in Hesse Causes Service Systems to Fail

The network of the city administration and he municipal utilities of #Rodgau was the target of a cyber attack on February 23, 2023. All service systems were down for an extended period. Hackers have paralyzed the network of the city. This was reported by the municipal press spokeswoman Sabine Hooke: "This is a shock. All service systems are down. That means: All mail addresses of the employees do not work. The city administration and the municipal utilities can only be reached by phone."

Frankfurt's attorney general's office confirmed to Hessian Radio #hr that the Central Office for Combating Internet Crime (ZIT) had opened an investigation into the matter Read More .

Critical Infrastructure Not Affected

Mayor Max Breitenbach (non-party) told Hessian Radio hr1 on Friday (February 24, 2023), that the critical infrastructure was not affected: "Waste disposal, sewage treatment plants and street lighting were functioning, but otherwise relatively little". From registry office to residents' registration office, almost all offices were affected. With the start of service on Thursday, several files could no longer be opened, some computers had not responded at all. When it became known that this affected authorities throughout the city, the entire network was shut down as a precaution. It was not yet possible to say whether citizens' data had been compromised. The full extent will only become clear in the coming days. Breitenbach did not answer the question of whether the city was being blackmailed and referred to the investigations by the public prosecutor's office.

CyberCompetenceCenter Hessen3C

The #CyberCompetenceCenter (#Hessen3C), founded in 2019, is the central competence center for interdisciplinary cooperation and institutionalized collaboration of state authorities in Hessen. It has the task of increasing security in the state's information technology, averting cyber-specific threats, increasing the efficiency of the fight against cybercrime and creating synergies. "Hessen3C is the central cybersecurity unit in Hesse. In an increasingly interconnected virtual world, we depend on fast-reacting and adaptable units that detect and counter threats at an early stage and contribute to preserving the state's ability to act and public safety," explains the Hessian Minister of the Interior Peter Beuth . With the establishment of Hessen3C, the Hessian state government has created groundbreaking and innovative structures to counter threats from the network. The experience, expertise, ideas and concepts gained in the process are being put into practice. Areas of action include intensive knowledge and insight transfer in cyber situations, more training and continuing education for cybersecurity experts, and advice and support for strategic issues and operational requirements. Cybersecurity must be thought of and implemented holistically. Only by networking the relevant players and establishing a central coordinating body in the federal states can we succeed in digitizing our society in a comprehensive yet secure manner.?

The German State, Local Authorities, Industry, Science, Associations, and Citizens Must Work Closely Together to Preserve Cybersecurity

Of course, cyberattacks do not only occur in Hesse. Companies and even public institutions are increasingly falling victim to criminals nationwide. Last year, the attack on the police website or on various universities in the Rhine-Neckar district made headlines. In April 2022, for example, the administration of the town of Schriesheim (8 km north of Heidelberg) was paralyzed - data was also stolen in the process. Municipalities and other public institutions in the country Baden-Württemberg get help from the Cyber Security Agency (#CSBW). The CSBW has been an independent agency since 2022. In this year, 70 suspected cyberattacks landed on the IT experts' desks. Two-thirds of them were actual attacks, CSBW President Ralf Rosanowski told Deutsche Presse-Agentur. Seven incidents were larger - including the Schriesheim case, he said. The starting point for the founding of the CSBW was the Cybersecurity Act.

Keeping an Eye on the Cybersecurity Situation and Preparing Regular Reports and Recommendations for Action

As the highest state authority, CSBW is responsible for the whole of Baden-Württemberg. It reports to the Ministry of the Interior. "We are the central coordination office for cybersecurity," Rosanowski explained. Among its tasks, he said, is keeping an eye on the cybersecurity situation and preparing regular reports and recommendations for action. "This includes such things as malware and vulnerability alerts," Rosanowski added. "Cyberattacks are a pretty broad field." Among the most common are so-called ransomware attacks. In this case, data on an IT system is encrypted and thus locked. There is no decryption until a ransom is paid. "But even if a ransom is paid, there is no guarantee in such cases that the data will actually be restored or that it will not be made public anyway," Rosanowski said. A cyberattack can basically hit anyone, said Bj?rn Schemberger, head of the cybersecurity agency's detection and response department. "So also private individuals and companies." The agency is primarily a point of contact for public institutions such as the state administration, municipalities or universities, he said. But also businesses essential to infrastructure such as water utilities or waste companies, he said. "The earlier you detect the damage, the better you can stop it from spreading," the expert said.

We Collect Experiences from the Attacks and Try to Prepare and Make the Knowledge Gained Available as Helpful Offers for People

In the area of so-called detection and response, the cybersecurity agency currently has around 20 employees. "If CSBW provides support in the event of a cybersecurity incident, the experts in incident handling first get a picture of the damage situation," said Schemberger, explaining the procedure. Then, for example, the security architecture is rebuilt with the affected parties, he said. According to Rosanowski, weak passwords or phishing e-mails, which are intended to trick users into clicking on malicious links, are always the gateways for hackers. He strongly advise against simple passwords such as "12345". Random passwords are considered safe. Password generators from the Internet or on the smartphone create the combinations of letters, numbers and special characters. With various prevention offers, the authority is trying to provide education, Rosanowski said. "We also collect experiences from the attacks and try to prepare and make the knowledge gained available as helpful offers for people in Baden-Württemberg." The cybersecurity agency is not a law enforcement agency, the agency chief explained. The agency forwards important information that could help identify a hacker to the police. The goal of the state agency, he said, is primarily through prevention to prevent attacks and, if a cyber attack does occur, to assist those affected.

Read More

International Conference On Consumer Electronics (ICCE)

The Technical Program Committee of the #ICCE-Berlin has currently published the Call for Papers and Proposals (CfP). Cybersecurity is a central theme of the conference. You are cordially invited to submit Your Paper!

ICCE-Berlin Organizing Committee

General Chair Dr.-Ing. Volker Ziegler, Vice Chairman of the Board Information Technology Society (ITG) in VDE

Technical Program Chair Prof. Dr. Jürgen Freudenberger, Head of Department Key Technology at the Agency for Innovation in Cybersecurity (Cyber Agency) Halle (Saale).

Technical Program Chair Dr. Alessandro Tonnaci, Researcher at the Institute of Clinical Physiology of the National Research Council of Italy, Pisa

Vice Executive Chair Prof. Dr. Lucio Ciabattoni, Assistant professor at the Polytechnic University of Marche, Ancona, Italy.

Local Chair Carsten Pinnow, Chairman of the Board VDE-Elektrotechnischer Verein (ETV) e.V. District Association Berlin-Brandenburg and publisher of the German online portal for data security issues in the private, professional, business and government environment Datensicherheit.de?

Author

Executive Chair Dr.-Ing. Christian Gross , Regional Director EMEA of the IEEE Consumer Technology Society (CTSoc) and Board Member of VDE Rhein-Main .