The Federal Criminal Police Office (BKA) became aware of a total of 42 cyber attacks on universities and scientific institutions between 2022 and 2024. The federal government reported this number, as of June 19, 2024, in its now-published response to a request from the CDU/CSU parliamentary group. Most of the impact falls on individual universities, but large research collaborations also have to deal with the phenomenon. The Fraunhofer and Max Planck Societies reported three and eight attacks respectively, the Leibniz Association five and the German Research Foundation one “successful” attack.
These institutions recorded, in particular, attacks such as ransomware, cyber espionage or cyber sabotage, in which networks were weakened, servers were taken over, and data was encrypted or exfiltrated, resulting in damage. The total of 3,723 cyberattacks announced by the Helmholtz Association is based on a fairly broad definition. It understands this to mean all attacks “that could result in a harmful event”. This includes, for example, phishing emails and unauthorized login attempts to Helmholtz accounts.
Clean-up work costs millions
According to the response, the effects were sometimes serious. The Fraunhofer Society alone estimates that the total damage for 2022, including analysis, clean-up and restoration of IT systems, amounts to around 15 million euros. At that time, the Fraunhofer Institute for Microstructure of Materials and Systems (IMWS) in Halle was affected. The Helmholtz Association had to spend more than 12 million euros for similar purposes in 2023. It is said that investigating authorities are usually involved in larger cases and that demands for ransom payments are not met. The government says it has no data on the clearance rate. The Bundeswehr’s Cyber and Information Space Command was asked for administrative assistance in two cases in 2023.
According to the Federal Ministry of the Interior, which is responsible, the malware variants used in most of the known attacks were identified and further investigative leads were developed. However, due to ongoing proceedings and confidentiality reasons, “no further information about the perpetrators can be provided.” The Federal Office for the Protection of the Constitution has generally named Russia, China and Iran as the main actors in intelligence service-controlled cyber attacks.
At the same time, the executive branch is aware that 36 different universities and comparable scientific and research institutions were affected by cyber attacks. Two of these were repeatedly targeted by criminals. There were 19 attacks in 2022, 18 in 2023 and five so far this year. There have been approximately two incidents in the area of the Bundeswehr University in Munich since 2022. The damage identified ranges from the failure of the university’s website to the temporary loss of IT-supported services and offerings, leakage of data, large-scale encryption of IT servers and long-term failures. With a view to the resilience of science, tailored proposals such as the IT basic security profile for universities, published in 2022, are supported.