Caritas welcomes its visitors with the headline “Caritas is the victim of a cyber attack”. A few days ago, large parts of the IT systems were encrypted by ransomware, data was stolen and a ransom was demanded. However, Caritas does not want to pay, but is pursuing other plans.
Caritas has published a corresponding statement on its website, since it cannot be reached by email either: “The Caritas Association of the Archdiocese of Munich and Freising eV has been experiencing a major disruption in central IT systems since last weekend and, according to the current state of knowledge, is the victim of a far-reaching cyber attack become. The operation of the approx. 350 services and facilities continues, the processes have been secured. However, repairing the damage led to a temporary switch to analogue operation.
“No one is immune to cybercrime. As the largest social organization in Upper Bavaria, it has now hit us despite extensive technical and organizational protective measures," explains Caritas director Prof. Dr. Herman Sollfrank
Sollfrank emphasizes: “It goes on. We are, of course, fully continuing our business operations and our work for the people we serve and employ. Maintaining the business operations of the Caritas Association has absolute priority so that we can continue to live up to our motto "Nah. Nearest” can be there for our clients, residents and numerous people seeking help.
10.000 employees continue
Nevertheless, certain restrictions in the often IT-supported communication must be expected temporarily at one point or another," adds the Chairman of the Board of Caritas Munich and Upper Bavaria, citing examples: "It might take a little longer for someone to answer the phone and we will not be available by email for the time being. We ask for your understanding for this," says the Caritas director and assures that the 10.000 employees of Caritas will continue to be there for the people with full commitment and commitment. "We are particularly solidary in these times of crisis."
Analysis phase is in full swing
The Caritas board established a crisis team at the weekend. A complaint has also been filed. "Of course we informed the investigating authorities immediately and offered our full support," adds Sollfrank: "We are currently still in the analysis phase. Nevertheless, there are concrete indications that cybercriminals have managed to access data from our systems despite all protective measures. At the moment, we cannot say without a doubt what the data is, and also for reasons of investigation tactics.”
Instead of ransom: Building an alternative IT infrastructure
As reported by Bavarian Radio, Caritas wants to set up an alternative IT infrastructure instead of paying the ransom. Thanks to existing and extensive data backups, this should be possible in a timely manner. The reason for this decision is that in the legal vacuum of organized crime there is no obligation and no guarantee that cybercriminals will nevertheless deliberately spread sensitive data publicly now or in the future in order to stir up fear and shame.
More at caritas-nah-am-naechsten.de