Publishing house of the »Rheinische Post«: »No damage occurred«
Photo: Olaf Döring / IMAGO
On the website of the »Rheinische Post«, one of the 50 most visited media sites in Germany, it says only briefly: »Due to a technical malfunction, our portal is currently unavailable«. The "technical malfunction", however, is considerable.
According to previous findings, the IT service provider circ IT GmbH & Co. KG was attacked by criminal hackers early on Friday evening. Circ IT is majority-owned by the Rheinische Post Media Group and is responsible for its IT infrastructure. As »heise online« reports, citing insiders, the attackers are said to have broken into Circ IT and paralyzed the websites of the »Rheinische Post« and several other newspapers »by means of a supply chain attack«. » Supply chain attacks« are directed against parts of a supply chain and thus harm the following areas.
In the case of the newspaper companies themselves, on the other hand, there is talk that their pages have been "taken off the net for reasons of prudence" and "proactively".
The pages of the »Bonner General-Anzeiger«, the »Aachener Nachrichten«, the »Trierischer Volksfreund«, the »Saarbrücker Zeitung« and the »Wuppertaler Rundschau« are still affected on Sunday. At present, they continue to operate in a severely restricted form at best. The website of the media group itself is not accessible at all.
Among other things, the »Bonner General-Anzeiger« states: »To the best of our knowledge, no damage has been caused by this cyber attack at this point in time, and user and customer data has not been stolen or compromised in any way«.
It is currently not publicly known whether the perpetrators are a ransomware group that paralyzes companies by encrypting their IT systems or copying internal data and threatening to publish it in order to extort a ransom. However, media companies, like other industries, are repeatedly among the targets of the groups, which often operate from Russia.