One Article Review
| Source |  Recorded Future |
|---|---|
| Identifiant | 8316107 |
| Date de publication | 2023-03-06 14:03:00 (vue: 2023-03-06 23:06:38) |
| Titre | Vice Society ransomware group claims German university as latest victim |
| Texte |
The Vice Society ransomware group added the Hamburg University of Applied Sciences (HAW Hamburg) to its leak site this weekend following an attack that the institution said took place late last year.
HAW Hamburg is one of several German-speaking institutions with a focus on applied sciences to be targeted by ransomware gangs in recent months.
In [a statement](https://www.haw-hamburg.de/fileadmin/PK/PDF/Infos_Art._34_DS-GVO_final.pdf) sent to all employees and students, the university said the attack was on December 29, describing a ransomware incident without using the term itself. The school has about 16,000 students.
“The attackers worked their way manually from decentralized IT systems via the network to the central IT and security components of HAW Hamburg. They also gained administrative rights to the central storage systems via this attack path and thus compromised the central data storage,” the statement explained.
“With the administrative rights obtained, the encryption of various virtualized platforms and the deletion of saved backups were finally started,” it added.
The university warned that “significant amounts of data from various areas” were copied, including usernames and “cryptographically secured” passwords, email addresses and mobile phone numbers.
Despite describing the compromised passwords as “cryptographically secured” the IT team recommended that students and staff change their passwords “for all internal university applications,” adding “in particular, change your password for Microsoft Teams and avoid using passwords that you have already used before.”
The university said it had to rebuild its IT systems, including the existing Microsoft cloud environment, and was “trying to restore a backup of the email data from the old mail server as of December 14.”
Following the attack, HAW Hamburg's IT security said it had “received several reports from students about attempts to log on to Internet portals such as Amazon and eBay by unauthorized third parties.”
“After reviewing all previous reports, and taking into account the attacker group's previous approach, it can be ruled out that the login attempts are related to the security incident at HAW Hamburg or the attacker group,” the team added.
Back in January the Vice Society ransomware group [claimed responsibility](https://therecord.media/vice-society-ransomware-gang-claims-attack-on-one-of-germanys-largest-universities/) for a November attack against the University of Duisburg-Essen in Germany.
Then in February the University of Zurich, Switzerland's largest university, announced it was the target of a “serious cyberattack,” which a spokesperson described to The Record as “part of a current accumulation of attacks on educational and health institutions.”
The week before, the [Harz University of Applied Sciences](https://www.n-tv.de/regionales/sachsen-anhalt/Hochschule-Harz-nach-digitalem-Angriff-offline-article23885755.html) in Saxony-Anhalt, [Ruhr West University](https://www.hochschule-ruhr-west.de/hrwoffline/), and the [EU/FH European University of Applied Sciences](https://www.eufh.de/hochschule/pressemitteilung) all announced being impacted by cyberattacks.
|
| Notes | ★★ |
| Envoyé | Oui |
| Condensat | 000 about account accumulation added adding addresses administrative against all already also amazon amounts angriff anhalt anhalt/hochschule announced applications applied approach are areas” art article23885755 attack attacker attackers attacks attempts avoid back backup backups before being can central change claimed claims cloud components compromised copied current cyberattack cyberattacks data de/fileadmin/pk/pdf/infos de/hochschule/pressemitteilung de/hrwoffline/ de/regionales/sachsen december decentralized deletion described describing despite digitalem duisburg ebay educational email employees encryption environment essen eu/fh eufh european existing explained february final finally focus following from gained gang gangs german germany germanys group gvo had hamburg harz has have haw health hochschule html https://therecord https://www impacted incident including institution institutions internal internet its itself january largest last late latest leak log login mail manually media/vice microsoft mobile months nach network november numbers obtained offline old one out particular parties password passwords path pdf phone place platforms portals previous ransomware rebuild recent recommended record related reports responsibility restore reviewing rights ruhr ruled said saved saxony school sciences secured” security sent server several site society speaking spokesperson staff started statement storage students such switzerland systems taking target targeted team teams term then third thus took unauthorized universities/ university used usernames using various vice victim virtualized warned way week weekend west which without worked year your zurich “after “cryptographically “for “in “part “received “serious “significant “the “trying “with |
| Tags | Ransomware Guideline Cloud |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.