Enlarge image
Federal Statistical Office in Wiesbaden (archive picture): "No danger situation in relation to the federal election"
Photo: Rene Schulz / IMAGO
The Federal Statistical Office in Wiesbaden fell victim to a hacker attack.
Because the Wiesbaden authority is also the seat of the Federal Returning Officer, a corresponding media report about the cyber attack shortly before the election caused unrest.
The Federal Returning Officer organizes the federal election and will publish the result after the election.
Specifically, so-called webshells were installed on two servers.
This is software that allows remote access to servers and file systems, among other things.
Such programs repeatedly play a role in cyber attacks.
However, the servers affected in the current case belong to the area of responsibility of the Federal Statistical Office and have nothing to do with the Bundestag election or the tasks of the Federal Returning Officer, as several authorities involved emphasize.
A spokesman for the Federal Returning Officer confirmed the attack, but gave the all-clear with regard to the Bundestag election: "The internal election servers for determining the election results and the Federal Returning Officer’s Internet site are operated in separate networks, so there is no danger in relation to the Bundestag election."
On Friday, the Federal Ministry of the Interior also announced that “there is no threat to the general election.” The Federal Office for Information Security (BSI) has so far had no evidence of manipulation or data leakage, it said.
The departments entrusted with the technical analysis of the incident also refer to this so-called network segmentation.
In the case of larger IT systems, this is intended to ensure that attackers from a single gateway do not attack an entire system and spread across the network.
In addition, one does not assume a connection with the federal election, it is said from authorities.
"Rapid identification of the damage"
According to SPIEGEL information, the two affected servers have already been taken offline, according to the technical analysts.
In addition, the servers around the vulnerabilities were examined and no infection was found.
For the Federal Returning Officer, "the rapid identification of the damage" shows that the company's own security systems are working, as a spokesman for the Wiesbaden authority announced.
According to SPIEGEL information, the cyber attack was discovered this week by experts from the Federal Office for Information Security (BSI).
It is currently unclear when exactly the attack occurred and where the attack came from.
In order to clarify these questions as well as technical details, a forensic evaluation of the attacked servers continues.
According to SPIEGEL information, the IT service provider of the federal government, ITZBund, will file criminal charges against unknown persons for computer sabotage in the matter.
Among other things, ITZBund manages the servers of the Federal Statistical Office and the Federal Returning Officer.
hpp
