BSI on new cyberattack
Damage in Germany too
A major cyberattack targets a security vulnerability that was actually closed at the beginning of 2021. However, some IT managers have not done their homework. Companies from Germany are among the victims.
Companies and public institutions in Germany have also been affected by a large-scale global wave of ransomware attacks. "According to the current state of knowledge, there appears to be a mid-three-digit number of people affected in Germany," the Federal Office for Information Security (BSI) announced in Bonn on Monday in response to a dpa query. More concrete statements on the extent of the damage are not yet possible. The Italian cyber security authority ACN had already warned of the wave of attacks on Sunday and called on organizations to take measures to protect their systems.
The cyberattacks target users of ESXi servers, a virtualization product from the manufacturer VMware that splits a physical server into several virtual machines. According to the BSI, the regional focus of the attacks was on France, the USA, Germany and Canada. Other countries were also affected. In so-called ransomware attacks, the attackers penetrate the systems, take control and lock out the victims. As a rule, the data is encrypted and only made accessible again after a ransom has been paid.
According to the BSI, the vulnerability in the VMware software was already closed in February 2021 through a software update. At that time, the authority also warned against the exploitation of vulnerabilities in the corresponding product.
Rüdiger Trost, Head of Cyber Security Solutions at IT security company WithSecure, told dpa that around 84,000 servers with the affected software are installed worldwide, and around 7,000 in Germany. However, it is not possible to say which of these are still vulnerable. The expert pointed out that the security gap had already been discovered and closed some time ago. "Anyone who is still a victim should check their protective measures."
A special feature of the current case is that the attack is not directed against Windows software, but against a solution that runs on the Linux operating system. "Many people mistakenly think that Linux ransomware doesn't exist and fail to take appropriate protective measures," said Trost.










