
Ransomware attack – in addition to damage limitation, don’t forget the obligation to report!
Attack? Reporting obligation!
Did you know that you have to report a ransomware attack to the responsible State Office for Data Protection and the BSI? The Federal Office for Information Security (BSI) also offers you an emergency document (first aid in the event of a serious IT security incident), as well as packages of measures (overview of the most important measures) and handouts.
Further information and the handouts can be found on the BSI website at: Emergency plan and BSI handouts
Attack? Report it to the police!
Since a ransomware attack is a criminal offence under §§ 202a-d, 203, 206, 303a-b of the German Criminal Code, you should also report the incident to the police. The responsible police authorities search the darknet for data that was stolen in the course of the ransomware attack and may be offered for sale there. They also offer support in coping with the consequences of an attack. Affected companies can contact the police's central contact points for cybercrime: Contact Cyber Crime Police Offices
The tried and tested – the new danger
Did you know that ransomware has been around for 34 years? Yes, you read that right, ransomware is not a new threat, but it is a threat that is more topical than ever!
In 1989, the first ransomware attack became known: at that time, the malware was sent by post on a floppy disk. As soon as the floppy disk was inserted, a program started that encrypted the contents of the hard drive of the connected PC. Decryption was only possible with another floppy disk, which of course was only sent after the demanded ransom had been paid.
Ransomware attack – what happens?
According to the German Federal Office for Information Security (BSI), ransomware attacks on companies, public authorities and educational institutions are currently the greatest threat in the IT sector. In a ransomware attack, the recipient receives an email asking them to click on a link or open a file attachment. The attachments are often disguised as invoices or notifications of winnings. The email is usually so convincingly faked, and its content so well argued, that the recipient clicks quickly. One click is all it takes for the ransomware to encrypt the contents of individual computers or entire networks. The data is only released after a ransom has been paid.
Source: Report of the Federal Office for Information Security (BSI) “The State of IT Security in Germany 2022”, page 15, as of 31.07.2023
The complete report on the state of IT security at the BSI can be found here: Report on the IT security situation of the BSI
Prevention is better than cure!
Take precautions and protect yourself. To protect your company and your employees from ransomware attacks, phishing and SPAM, use SecuMail® – the cloud filtering service that subjects emails to a security check in seconds.
Contact us today and let us make you an individual offer:
E-mail: vertrieb@secumail.de
Phone: +49 8171-2469-114 Mr. Wilhelm, Phone: +49 8171-2469-124 Ms. Wolff
More information about SecuMail