The cyber security agency in Baden-Württemberg has been around for around two years. Hacker attacks on municipalities, for example, end up on the desks of IT specialists. The data cannot always be saved.
Stuttgart (dpa/lsw) – Cyber ??attacks not only affect companies, public institutions are also increasingly victims of criminals. Most recently, the attack on the police website or on various universities made the headlines. Last April, the administration of the city of Schriesheim (Rhein-Neckar district) was paralyzed – data was also stolen in the process. Municipalities and other public institutions have been receiving help from the Baden-Württemberg Cyber ??Security Agency (CSBW) since February 2021.
The CSBW has been an independent authority for more than a year. In 2022, 70 suspected cyber attacks landed on the desks of IT experts. Two thirds of them were actually attacks, as CSBW President Ralf Rosanowski told the German Press Agency. Seven incidents were larger – including the Schriesheim case.
The starting point for founding the CSBW was the Cyber ??Security Act. As the higher state authority, it is responsible for all of Baden-Württemberg. It reports to the Ministry of the Interior. “We are the central coordinating body for cyber security,” explained Rosanowski.
The tasks include keeping an eye on the cyber security situation and regularly creating reports and recommendations for action. “This includes warnings about malware and security gaps,” Rosanowski continues. “Cyber ??attacks are a pretty broad field.”
The most common are so-called ransomware attacks. The data is encrypted on an IT system and thus blocked. Decryption is only possible after paying a ransom. “But even if a ransom is paid in such cases, there is no guarantee that the data will actually be restored or not published anyway,” said Rosanowski.
In principle, a cyber attack could hit anyone, said Björn Schemberger, head of the detection and response department at the cyber security agency. “So also private individuals and companies.” The agency is primarily the contact for public institutions such as the state administration, municipalities or universities. But also companies that are essential for the infrastructure, such as water suppliers or waste disposal companies. “The earlier you identify the damage, the better you can prevent it from spreading,” says the expert.
In the area of ??so-called detection and reaction, the cyber security agency currently has around 20 employees. “If the CSBW supports a cyber security incident, the experts in incident handling first get an idea of ??the damage situation,” Schemberger explained the procedure. Then, for example, the security architecture will be redesigned with those affected.
According to Rosanowski, the gateways for hackers are always weak passwords or so-called phishing emails, which are intended to persuade users to click on defective links. Rosanowski warned against using the same password over and over again.
Experts also strongly advise against using simple passwords such as “12345”. Random passwords are considered secure. Password generators from the Internet or on the smartphone create the combinations of letters, numbers and special characters.
The authority is trying to provide clarification with various preventive offers, said Rosanowski. “We are also gaining experience from the attacks and are trying to process and make available the knowledge we have gained as helpful offers for the people in Baden-Württemberg.”
The cyber security agency is not a law enforcement agency, the agency chief said. The agency forwards important information that could help identify a hacker to the police. The aim of the state authority is above all to prevent attacks and, if a cyber attack does occur, to support those affected.
