The savings bank subsidiary Deutsche Leasing was hit by a cyber attack last weekend. According to various media, the incident was so violent that the company had to send its 2.500 employees home at the beginning of the week. It is unclear whether data was also stolen.
According to the company, the cyber attack was already registered in the IT department on Saturday, 03.06.23/2.500/XNUMX. However, according to various media, the damage had already been done and the IT department immediately took the systems offline. Since it first had to be checked which systems were compromised, Deutsche Leasing sent all of its XNUMX employees home on Monday and Tuesday. At first nothing worked. Many affiliated medium-sized companies did not and do not have access to special services.
No information on the outflow of data
The company provides information about the cyber attack on its website, but does not provide any further information as to whether data may have been stolen. Many attackers are currently doing this with ransomware or a data stealer. In the latter, the attackers just extract the data and then start blackmailing them into publishing or selling the data. In the event of a ransomware attack, the hijacked systems and data are also encrypted. Deutsche Leasing is currently not providing any further information on the attack. The website only has the following information:
“A part of the IT systems is affected in the event of a cyber attack. The company reacted immediately in accordance with the emergency plan and switched off access to the systems. The company has been working intensively with external IT security consultants and the investigative authorities since the weekend to analyze the attack and secure evidence. As part of the recovery plan, secure e-mail communication, among other things, was put back into operation. This plan is now being worked through step by step.”
Editor/sel
A comment by Illumio
This attack is another example that cybersecurity is no longer just a security issue, but also an operational issue. At this time, it is not clear whether the attack is ransomware. However, should this be the case, the sheer volume of sensitive data held by Deutsche Leasing could give attackers greater leverage.
The company is now going through its incident response process and has shut down its systems pending the investigation. However, there should be a point where any organization will be able to contain attacks and survive without significant business disruption—especially for financial services firms, whose services thousands of people depend on.
Do you have a moment?
Take a few minutes for our 2023 user survey and help make B2B-CYBER-SECURITY.de better!You only have to answer 10 questions and you have an immediate chance to win prizes from Kaspersky, ESET and Bitdefender.
Here you go directly to the survey
All organizations must focus on creating an attack-tolerant IT infrastructure and increasing cyber resilience so they can keep working during attacks. Attacks are inevitable, so every organization needs an attack mitigation strategy to reduce risk, protect sensitive assets and data, and quickly contain threats. According to Alexander Goller, Senior Systems Engineer at Illumio.
Three tips to mitigate the risk of cyber attacks
- Adopt an “assume breach” mentality. They assume attacks will occur and adjust their security strategies to minimize the risk.
- Design a security plan, which is used for surviving attacks, not just prevention.
- Implement a zero trust strategy. Based on the mantra “never trust, always verify,” policies must be established to ensure the network continually verifies, authenticates, and authorizes all users requesting access, whether they are on or off the network.