A hacker attack on the Anhalt-Bitterfeld district triggered the first cyber disaster in Germany.
According to its own statements, the administration of the district in Saxony-Anhalt has to cease its work for almost two weeks because criminals attacked the computer system on July 6th.
"We are practically completely paralyzed - and that will also be the case in the coming week," said a spokesman on Saturday.
The district with around 157,000 inhabitants can therefore no longer pay out any social or maintenance benefits.
The security authorities are investigating.
The disaster was declared in order to be able to react more quickly, as the district spokesman explained.
Now it is a matter of finding the source of the infection as well as analyzing and combating the virus.
The IT infrastructure must be rebuilt.
Citizens' services should be resumed as soon as possible.
Last disaster due to flooding
"This attack has direct effects on all areas of the district's range of services and thus also affects the concerns of the citizens, which cannot be dealt with at the moment," said the district on Friday afternoon.
In addition, further consequences are currently not foreseeable.
According to the information, the disaster was also declared because many financial concerns of citizens were affected.
According to the spokesman for the circle, it is about people who are waiting for social benefits, or about youth welfare.
The last disaster in the Anhalt-Bitterfeld district was declared in 2013 because of the flood.
The Federal Office for Information Security (BSI) announced on Saturday that it was switched on and on site.
"There have already been attacks on municipalities in Germany, but none that then declared a disaster," said a spokeswoman.
On Monday there should be an initial evaluation of the knowledge gained over the weekend.
District in transition phase
The momentous attack on the district's network occurred on Tuesday.
Several servers were infected from a previously unknown source, it said.
As a result, an unspecified number of files was encrypted.
All critical systems were disconnected from the network in order to prevent any data leakage.
The district has reportedly filed a criminal complaint and is working closely with law enforcement authorities.
The district of Anhalt-Bitterfeld did not want to provide any information about the attackers with reference to the police investigations.
In security circles it is suspected that it is again blackmail.
In such cases, attackers encrypt data, which they only release after payment of the required sum.
The district of Anhalt-Bitterfeld with around 158,000 inhabitants is currently in a transition phase.
The long-time District Administrator Uwe Schulze (CDU) did not run for election recently.
He declared a disaster on Friday.
His successor Andy Grabner (CDU) will take over the official business next Monday.
He was already involved in all measures and decisions, it said.
Old software in municipalities
In security circles, it is pointed out that the municipal IT infrastructure in Germany is probably the worst protected against cyber attacks - even though a lot of citizen data is generated here.
Large companies and the federal government, on the other hand, can afford extensive IT departments.
The BSI has a national cyber defense center that is primarily intended to register and ward off attacks on the federal administration. Companies in the so-called critical infrastructure, such as energy supply, are also required to report cyber attacks. Municipalities sometimes have outdated software and hardware and only small IT departments.
In the past few months, attacks by criminal groups on networks had increased on both companies and public institutions. For example, medical companies and the Düsseldorf Clinic were attacked, which then had to temporarily close departments. Just last week, a cyber attack by a blackmail group in the USA and other countries such as Germany hit hundreds of companies. In some cases, state actors are also suspected to be behind the criminal groups.