What happened in the current attack?
According to a report by Rundfunk Berlin-Brandenburg (rbb), hackers have published personal data of public figures on Twitter and in a blog. Hundreds of politicians from the Bundestag and Brandenburg are affected, but also artists, journalists, YouTubers and celebrities such as the satirist Jan Böhmermann or the musician Marteria. Telephone numbers and private addresses were published. According to media reports, images of identity cards, credit card data and letters or invoices are also said to have been distributed.
Viewed from the outside, the attack can be classified as moderately difficult. No confidential data has been published – so far. What makes the case explosive is that the data was already published in December without anyone noticing. In the meantime, individual pages have been removed again.
However, it is not clear what other data was stolen. Politicians in particular are at risk of confidential information being stolen from the Bundestag. For journalists, the focus is particularly on access data for social media and editorial systems, which could be misused to spread fake news, but also on confidential research.
How can you protect yourself from this?
It can be assumed that the data in the current cyberattack was collected over a longer period of time. In order to be alerted at an early stage to an irregular data outflow, the use of security managers is recommended. Intelligent security software constantly checks the computer network for attacks by criminals and sounds the alarm in an emergency.
Nevertheless, you shouldn’t forget: As a human being, you are the biggest risk factor for IT security. Only permanent and regular awareness-raising measures can help here, especially among employees in companies or small businesses. Permanent mistrust can unmask hacker attacks, especially phishing, spear phishing and CEO fraud.
Hackers often use psychological strategies to get victims to reveal the information they want, and fear and curiosity are also driving factors. You should always be suspicious of e-mails with requests such as “We have a surprise for you”, “All colleagues took part in the campaign” or “Log in and receive a voucher for 50 euros”. Therefore, do not let yourself be put under pressure, and check the identity of e-mail senders and callers sufficiently!