Enlarge image
Campus of the university in Essen: "Criminal energy of the organization"
Photo: Ralph Lueger / IMAGO
Cyber criminals published data from the University of Duisburg-Essen on the dark web after successfully attacking the university with malware a few weeks ago.
This was announced by the North Rhine-Westphalian university on Monday.
The attackers' demands were not met and no ransom was paid.
Immediately after discovering the attack at the end of November, the university shut down the entire IT infrastructure and disconnected it from the network.
"Only a small part of the data got into the hands of the criminal organization." Nevertheless, the university takes the publication of the data on the Darknet very seriously.
The attackers are a so-called ransomware group.
Such groups encrypt the data of their victims and thus paralyze their systems.
The attackers usually only release the data again after those affected have paid a ransom.
In order to increase the pressure on their victims, the criminals have been starting to publish parts of the stolen data for some time.
(Read more about the blackmailers' business here.)
The University of Duisburg-Essen is now saying that it will not get involved in "digital blackmail" and will not support any crimes.
According to the university, the Federal Criminal Police Office and the Federal Office for Information Security (BSI) also recommend this approach.
At the same time, the university emphasized that it gives top priority to data protection and the protection of personal data.
»Highly professional approach«
All security measures are based on the standards of the BSI, the university emphasizes, their own experts are also supported by specialized companies.
"The fact that the attackers nevertheless managed to extract data and make ransom demands once again illustrates the highly professional approach and criminal energy of the organization."
In coordination with the data protection authorities, all necessary steps have been taken to keep the impact of the published data as low as possible.
If people or institutions are affected by data theft, they will be informed as soon as possible.
It was initially unclear exactly which data was stolen by whom or published on the Internet.
The central and contact point for cybercrime at the Cologne public prosecutor's office took over the investigation in the process.
The university had been the target of a hacker attack twice within a few weeks.
During the first attack on November 27, the entire IT system, including landline telephony, was paralyzed.
Only gradually could the experts restore or replace some digital services.
Teaching with more than 40,000 students was massively restricted.
In mid-December, the university then informed about a second attack in which the newly set up temporary page had been “massively attacked”.
Students and teaching staff were then asked via social media to renew their passwords.
hpp/dpa
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/JLX4IXAS25BVBICTHHWJ3AT5IY.jpg)
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/H6SX4JB4HJIOMBO3FUP6IGGLUI.jpg)
