Trending Topics Cybersicherheit – Februar 2023


Myra's monthly security highlights provide IT decision-makers and security professionals with the most relevant topics from the world of cybersecurity. Current trends, defense strategies and news on cyber attacks, attack campaigns and more can be found here in a clearly arranged format.

It should be common knowledge by now that cyber attacks can affect anyone. However, when the US Federal Bureau of Investigation (FBI) or the NATO military alliance fall victim to digital attacks, it makes headlines.

The cyber incident at the FBI occurred in the New York field office. The affected computers are said to be used for the evaluation of child pornography. It is likely that confiscated devices such as smartphones, tablets or notebooks smuggled the malware into the network of the US Federal Police. Meanwhile, the attacks on NATO were classic DDoS attacks aimed at crippling the alliance's website. The Killnet group, which has claimed responsibility for various attacks on government agencies, banks, hospitals and critical infrastructure around the world in recent months, is believed to be behind the attack.

Soon, the designated head of the German Federal Office for Information Security (BSI), Claudia Plattner, will also have to deal with cyber groups such as Killnet. Plattner is scheduled to start as the new president of the BSI on July 1. Plattner, a mathematician, has previously worked as a software developer, held various IT decision-making roles at Deutsche Bahn, and joined the European Central Bank (ECB) in mid-2021 as director general for information systems.

This and other important news, developments and insights from IT security can be found in compact form in the following overview.

The top IT security topics in February


Job offers on the darknet: up to €20,000 for developers

Capable developers are promised high salaries in darknet forums for developing and maintaining attack software. The alleged criminal clients even entice them with paid vacation, as a recent analysis shows. Payment is usually made in cryptocurrencies.

Learn more

Costs of cyber attacks: Damages in the millions burden one in three companies

A recent study by management consultants PwC found that 88 percent of the German companies surveyed had been the victim of a cyber attack in the past three years that caused at least €10,000 in damage. In 30 percent of all cases, the total amounted to more than €1 million.

Learn more

Finance and insurance in DACH: Shortage of skilled workers hampers effective cyber defense

A study by the bug bounty platform YesWeHack in collaboration with the magazines CIO, CSO and Computerwoche examined how banks, financial service providers and insurers protect themselves against cyber attacks. The study participants see the greatest challenge in the topic of cyber security in the glaring shortage of skilled workers.

Learn more

DoS attacks slow down Tor network

As the developers of the anonymization tool report in a blog entry, the Tor network has been slowed down by DoS attacks for seven months. At times, the attacks had affected the network to such an extent that users were no longer able to access websites. It is not known who is behind the attacks.

Learn more

GDPR: Data protection enforcement to be improved

The EU Commission wants to simplify enforcement of the General Data Protection Regulation (GDPR) via a legislative initiative. This is intended to improve cooperation between national supervisory authorities in cross-border cases.

Learn more

Cybercriminals use ChatGPT hype for attacks

The global interest in the machine learning solution ChatGPT is increasingly being exploited by cybercriminals. Recently, fake ChatGPT applications for Android and Windows systems containing malware increasingly appeared.

Learn more


Attack on Hessian city administration and municipal utilities

A cyber attack on the systems of the city of Rodgau and the municipal utilities there has led to outages of various administrative services. Due to the outages, citizen services are only available on site until further notice; the city administration and municipal utilities can only be reached by phone.

Learn more

Cyber attack on IT service provider

The systems of IT service provider Adesso have been compromised as a result of a cyber attack. The attackers are also said to have managed to steal company data. Customer systems are not affected by the incident.

Learn more

DDoS attacks on several hospitals in Franconia, Germany

Cyber criminals have attacked several hospitals in Franconia. During the attacks, the organizations' websites were deliberately paralyzed. Among others, the clinics in Gerolzhofen and Schwabach were affected.

Learn more

Ransomware attack against pipeline company

Friedrich Vorwerk, a company specializing in the construction of gas pipelines and critical infrastructure, fell victim to a ransomware attack at the end of last year. As has now become known, the attack affected large parts of the company's IT. The costly repair of the IT infrastructure and the ERP system took around a month.

Learn more

Cyber incident: FBI confirms breach in New York offices

Attackers have managed to penetrate the systems of the FBI. According to media reports, the cyber incident occurred at the FBI offices in New York City. Systems for evaluating child pornography are said to be affected. Due to ongoing investigations, the federal agency did not want to provide any further details.

Learn more

Cyber attacks on NATO websites

Through a series of cyber attacks, attackers have managed to temporarily overload the websites of the NATO military alliance. Details of the attacks have not been communicated. Experts suspect that the Killnet group is behind the attacks. It is likely that the attacks were DDoS attacks.

Learn more

Best Practice, Defense & Mitigation

BSI updates IT-Grundschutz compendium

The BSI standard work is now available in the new 2023 edition. According to BSI Vice President Gerhard Schabhüser, the 858-page IT-Grundschutz-Kompendium is a comprehensive tool for securing processes and projects according to the state of the art.

Learn more

Finland's most wanted cybercriminal caught

Finnish Julius K., also known as Zeekill, has been caught by criminal investigators in France. The 25-year-old is accused of blackmailing an online psychotherapy practice and disseminating therapy notes of over 22,000 patients. Julius K. is considered a self-confessed member of the Lizard Squad group, which specializes in DDoS attacks.

Learn more

US agency urges healthcare industry to improve DDoS defenses

After the cyber group Killnet carried out multiple attacks on the online services of US hospitals in recent weeks, the US Department of Health and Human Services is informing the healthcare industry about the current threat situation. In a concise report, the agency explains the existing threats and provides advice on effective defenses.

Learn more

Things to know

Claudia Plattner becomes new BSI boss

Germany’s Federal Minister of the Interior Nancy Faeser (SPD) has appointed a new head of the BSI: Claudia Plattner, a mathematician, is to take over the post on July 1. Plattner is currently still director general of information systems at the ECB. Prior to that, the former software developer held various positions at Deutsche Bahn, where she most recently drove the modernization of IT as CIO at DB Systel.

Learn more

Tools and prevention: defense against brute force attacks

In brute force attacks, cybercriminals do not exploit vulnerabilities in websites or online tools, but rather rely on the carelessness and convenience of users. Using simple or already compromised credentials, online accounts can be easily hijacked using automated brute force methods. Learn here how companies can protect their customers from such threats.

Learn more

Related articles