Attacks – presumed – by Russian hackers on IT systems in Germany are constantly being registered by security specialists.
The damage caused by the attackers is significant.
They threaten the critical infrastructure, the state, institutions and companies and every single citizen.
This is shown by the attack on the Darmstadt company Count + Care, an IT service provider that works for the electricity supplier Entega, the Darmstadt local transport company Heag Mobilo and the Mainzer Stadtwerke, among others.
responsible editor for feuilleton online and "media".
Follow I follow
The attack attributed to the Russian hacker group Black Cat took place on June 12.
In the past few days it has emerged that the hackers have stolen large amounts of customer data: names, addresses, account details.
These have been on the dark web since July 10th and 11th - freely available to criminals.
The hackers had tried to blackmail Count + Care, the company did not give in to the criminal request and filed a criminal complaint with the Hessian State Criminal Police Office.
Entega writes that the cybercriminals wanted to extort a "ransom" in the "tens of millions" for the data.
For those affected, however, the question arises: What should I do?
Change passwords or delete the account right away?
Name, address and account details
The companies provide answers on specially set up websites which, according to IT security experts, describe the correct procedure: "Name, contact details and contract data", the Stadtwerke Mainz reported, "criminals could use to pretend to be you or an employee of our company and perform unwanted actions ('social engineering')”.
One should pay attention to communications that seem unusual and report them to the company.
In the event that many of those affected assume that the IBAN has also been published, one should watch out for suspicious debits on one's own bank account and, if necessary, contact the bank and the law enforcement authorities.
At Entega, the damage to customers is enormous: contract account numbers, business partner numbers, bills and meter and consumption data were tapped from electricity, gas, district heating and water customers;
for telecommunications customers also telephone numbers, bills and lists of balances.
In other words: Criminals have access to everything they need to, for example, in the name of those who have been robbed, as Entega lists, "to shop on the Internet, conclude contracts or create user accounts for online services (identity theft)".
Identity theft, in turn, can lead to unauthorized debits and direct debits from one's own bank account.
Security experts say: In the company's customer portal - such as Entega - reset your own password immediately.
If you have used the password elsewhere, which you should not do, you must change it there as well.
Regularly check movements on the bank account.
You have to watch out for phishing emails because the hackers have the email address.
Phishing e-mails work with the request that you have to do something urgently - provide account information, initiate a transfer or open the file attached to the e-mail or a displayed web link.
If you follow the request, you reveal more data or get malware, thanks to which the criminals can read everything, access data, block it or paralyze the computer.
Count + Care is working on "expanding the security structure even further"; they themselves want to encrypt customer data "extra", write the Mainzer Stadtwerke.
This is urgently needed.
How precarious the situation is is shown by Entega's note on how the company contacts its customers or how they should contact the hotline: "We will not contact you," it says, "in this matter without first contacting you Call you.” If you are called on a pretext by an alleged Entega employee, you should hang up immediately.
You should never give out access data and passwords on the phone or in writing.
If you want to be on the safe side, you could delete all of your affected accounts right away.
But security experts don't think that's necessary.
may they be right.