The most important city services are encrypted, and the police are investigating.
A series of ransomware attacks this week led to a major disruption in the provision of local public services in several cities and districts in West Germany.
On the morning of October 30, a group of unknown hackers successfully encrypted the servers of the municipal service provider Südwestfalen-IT. To prevent the spread of malware, the company restricted access to its infrastructure for more than 70 municipalities, mainly located in the North Rhine-Westphalia region.
As a result of the attack, local government services were "severely limited", as the company said in a message posted on a temporary website, while the main site remains unavailable after the incident.
On the day of the attack, the administration of the German city of Siegen canceled all scheduled meetings with citizens, as most of the city's IT systems were disabled. As of Wednesday, most of the administration's online services remained unavailable.
"Due to the glitch, we do not have access to all applications running through Südwestfalen-IT," a spokeswoman for Wermelskerchen told German media. This affected the financial issues of the city, residents, cemeteries and registration services.
Affected administrations that responded publicly to the attack reported that despite failures in online systems, they still provide services to the public in an offline format. However, their internal and external communication, including email and telephone services, is largely non-functional.
German police and cybersecurity authorities are investigating the hacker attack and working to restore services for city administrations.
According to local experts, the timing of the attack has particularly affected its impact, as municipalities usually carry out financial transactions at the end of the month. Salary transfers, social assistance, and transfers from the patient care fund may be impeded due to the attack.
The German Federal Office for Information Security said it was aware of the incident and was in contact with the affected service provider. However, it cannot comment on additional details, as the investigation is still ongoing.
German prosecutors involved in the investigation told local media that they are currently working to determine the extent of the damage, which services were affected and who exactly was responsible for the attack. A "complex and lengthy investigation" is expected.
A series of ransomware attacks this week led to a major disruption in the provision of local public services in several cities and districts in West Germany.
On the morning of October 30, a group of unknown hackers successfully encrypted the servers of the municipal service provider Südwestfalen-IT. To prevent the spread of malware, the company restricted access to its infrastructure for more than 70 municipalities, mainly located in the North Rhine-Westphalia region.
As a result of the attack, local government services were "severely limited", as the company said in a message posted on a temporary website, while the main site remains unavailable after the incident.
On the day of the attack, the administration of the German city of Siegen canceled all scheduled meetings with citizens, as most of the city's IT systems were disabled. As of Wednesday, most of the administration's online services remained unavailable.
"Due to the glitch, we do not have access to all applications running through Südwestfalen-IT," a spokeswoman for Wermelskerchen told German media. This affected the financial issues of the city, residents, cemeteries and registration services.
Affected administrations that responded publicly to the attack reported that despite failures in online systems, they still provide services to the public in an offline format. However, their internal and external communication, including email and telephone services, is largely non-functional.
German police and cybersecurity authorities are investigating the hacker attack and working to restore services for city administrations.
According to local experts, the timing of the attack has particularly affected its impact, as municipalities usually carry out financial transactions at the end of the month. Salary transfers, social assistance, and transfers from the patient care fund may be impeded due to the attack.
The German Federal Office for Information Security said it was aware of the incident and was in contact with the affected service provider. However, it cannot comment on additional details, as the investigation is still ongoing.
German prosecutors involved in the investigation told local media that they are currently working to determine the extent of the damage, which services were affected and who exactly was responsible for the attack. A "complex and lengthy investigation" is expected.
