The Kaiserslautern University of Applied Sciences (HS Kaiserslautern) has fallen victim to a ransomware attack, joining a growing list of German-speaking universities targeted by cybercriminals in recent months. The incident, confirmed last week, resulted in the university's "entire IT infrastructure" being taken offline, including email accounts and the telephone system. With over 6,200 students affected, almost every facility and service provided by the institution has been disrupted. The university warned students and staff not to power on their work computers, as the encryption attack may have impacted the workstations as well.
The identity of the attackers remains unknown, and it is unclear if any information was stolen from the university's systems as part of an extortion attempt before the encryption process. This incident marks the latest in a string of cyberattacks targeting German-speaking universities. In March, the Vice Society ransomware group targeted the Hamburg University of Applied Sciences (HAW Hamburg), while the University of Zurich in Switzerland, Harz University of Applied Sciences in Saxony-Anhalt, Ruhr West University, and the EU/FH European University of Applied Sciences were also impacted in previous months.
Kevin Kirkwood, Deputy CISO at LogRhythm, shared his perspective on the ransomware attack and how educational institutions can protect themselves from becoming a similar victim.
“Although it is not yet clear who is behind the attack or whether information has been compromised, the attack on HS Kaiserslautern is a reminder of the uptick in cyberattacks against higher education in recent months. Just last week, German universities Harz University of Applied Sciences, Ruhr West University and EU/FH European University of Applied Sciences reported similar attacks.
Considering the increasing risk posed by cybercriminals, it is imperative for educational institutions to reassess their incident response protocols and enhance their security stance. To safeguard colleges and universities, it is advisable to allocate resources towards cybersecurity solutions that can identify malicious activity and promptly react by implementing measures to thwart any subsequent unauthorized entry attempts. Moreover, it is crucial for these institutions to prioritize authentication and access controls, as well as detection and response capabilities, alongside real-time monitoring.”
Beyond the education sector, ransomware attacks have affected various industries in Germany. In May, arms company Rheinmetall blamed the Black Basta ransomware group for an attack, while Bitmarck, a prominent IT service provider in Germany's statutory health insurance system, and drug development giant Evotec were targeted in separate incidents during the spring.
###