Cyber attack on Ellwangen: identified teenagers as a perpetrator!

Cyber attack on Ellwang's city administration: Young person determined as a suspect. System restoration and security measures planned.

30. Mai 2025

Martin Schneider

Artikel als PDF

Kommentare

Diesen Artikel teilen:

Facebook X Whatsapp Email

In Ellwangen, a cyber attack on the city's network ensures considerable concerns. The city administration has determined the first irregularities in the data network since April 24th. A youth who is a former student of an Ellwanger school is determined as a suspect. So far, details on the identity of the young person have not been published. Anselm Grupp, a representative of the city, was optimistic about the determination of the alleged perpetrator and described this as positive news. Interestingly, no blackmail letter was found, and there is currently no evidence of a data handle of sensitive information.

The urban systems are currently only used to a limited extent, in particular the communication between schools. The administration had therefore immediately switched off programs because a communication app for students and teachers was particularly affected. While lessons continue to take place at the urban schools, teachers at a particularly affected school temporarily use private laptops for classes because the program for digital plates and projectors is disturbed.

Current measures and restoration

A crisis team made from internal and external IT specialists was immediately set up to cope with the situation. The city's cyber insurance was immediately informed and IT experts are working to restore the systems. So far, the city administration has succeeded in remaining by email and phone, but there are always delays in the email system. A re -connection of the educational network with the Internet is planned for the period after the Pentecost holidays. In advance, new passwords for users of the pedagogical network and for the employees of the city administration are awarded.

In view of the difficulties, the city administration is also planning future measures to increase data security that could cause additional costs. The increase in the firewall, which has now been given, has already been planned in the household, and the introduction of a two-factor authentication for public online offers is pending. In addition, there will be 24-hour monitoring of the systems by an external service provider in the future. At the moment, the exams of the approximately 200 servers in the municipal IT network are still ongoing, whereby restrictions for employees during this examination phase must be expected.

provision and recommendations

The city administration of Ellwangen has taken the incident as a serious warning and intended to implement comprehensive measures to prevent future attacks. The Federal Office for Information Technology (BSI) offers valuable recommendations. [ bsi ] should be adapted to the respective IT infrastructure and type of threat.

Although the ongoing investigations and the restoration of the systems are exciting, the question of the attacker's motif remains unclear. The lack of a ransom claim indicates that it is not a typical extortion case, which presents the investigators with new challenges.

Details
Ort	Ellwangen, Deutschland
Quellen	www.schwaebische-post.de www.tagesschau.de www.bsi.bund.de