after the explosion Hacker attack on Carinthian state administrationA ransom note has surfaced on the dark web. According to Gerd Kurth, head of the State Press Service, a hacker group is seeking five million dollars to provide decryption software. “Our IT experts found this requirement, it was not sent directly to us,” Kurth says. The amount is to be transferred to an account in bitcoin, Kurath told a news conference on Wednesday: “The country will not meet the demand and will not pay.” Talks are currently underway with the police and the State Office for the Protection of Constitution and Combatting Terrorism (LVT) on how to proceed.
A hacker group called the “Blackcats” is behind the attack that paralyzed the state administration of Carinthia on Tuesday morning. According to Kurth, it operates internationally and has about 100 members. according to internet portal www.techrepublic.com The “Blackcats” are a “new and emerging faction” on the scene. In recent months they have “targeted a number of companies by taking advantage of vulnerabilities in Windows systems”.
On May 14 of this year also the office of the Carinthian state government: on this day the “blackcat” managed to break an account. According to Kurth, the hackers distributed their encryption software from here. for ten days, until Tuesday, Of the nearly 3,000 PC workstations in the state administration, around 100 are infected with the virus. “200 servers have to be cleaned up,” Kurth says.
According to Kurth, there is “no evidence yet” for the “blackcats” claim that they also snatched sensitive data stored on the country’s servers. However, this cannot be ruled out for the time being.
The state of Carinthia has been grappling with heavy IT problems since Tuesday morning. A large part of IT has failed. It is currently not possible to work with various programs including Outlook. Not only was the office of the Carinthian State Government (AKL) affected, but all eight district authorities, the State Audit Office and the State Administrative Court were also affected. “They are connected to our system,” Kurth says. The entire telephone system is down, and the mail system is also not working. Around 3900 employees and around 3000 PC connections are affected.
continue in emergency mode
All the affected officers are in emergency. And that’s not going to change anytime soon. If possible, only urgent tasks are done. All activities that depend on the EDP system, and these are most of them, do not work. Contact with district authorities is possible, but all work related to payment may not be completed. This also includes the issuance of passports. In general, there will be a delay in the processing of files. “We ask all concerned for their understanding,” Kurth says.
HTL attack blocked
According to media reports, the “blackcat” recently tried it out in Austria: in mid-April there was an attack on HTL St. Hackers smuggled vigorously Lower Austrian News A Trojan virus entered the computer system and demanded money. But they didn’t get it. Perhaps not because the attack was largely repelled by the school’s own security program. PC devices were blocked in HTL, student data, grades or other sensitive areas were additionally protected and were not affected. The hacker group had to make pictures of the students.
Team Carinthia boss Mayer Gerhard Köfer asks himself: “Could it be that HTL in St. Polten is better prepared for cyber and hacker attacks and is also safer from them than the state of Carinthia?” He urges to highlight how well the country is in the field of cyber security. The question also needs clarification on whether data has been stolen or misused: “In any case, the state government has a huge amount of highly sensitive and sensitive data from citizens. It is highly suggestive that one type of data Theft cannot be completely ruled out as of now.”
Freelance twitter maven. Infuriatingly humble coffee aficionado. Amateur gamer. Typical beer fan. Avid music scholar. Alcohol nerd.