But there was still no confirmation from the country. According to Gerd Kurath from the state press service, the data that circulated on Friday was merely a list of file names and not actual, verifiable files. According to an IT entrepreneur, however, files were in circulation.
The online platform “futurezone.at” referred to a tweet by the Viennese IT security entrepreneur Sebastian Bicchi on Friday. This presented a screenshot of a folder structure, the folders had names like “passports”, “Hypo-Heta USA” (Committee of Inquiry, note), “vaccinations” or “cards”. ID cards, passports, corona tests and political position papers have been published.
As Bicchi said, he downloaded part of the data “on a random basis”: “And those were very well files.” Screenshots of the Green Passport app and a “large number of passports” were included: “Although I can’t say whether they were from citizens of the country or employees. The fact is, I was able to download them.” There was a large mail folder, mainly relating to Ukraine, and he also saw larger folders with completed visa forms, says Bicchi.
Six of 250 gigabytes put online
For the time being, almost six gigabytes of data were put online, the blackmailers said they had 250 gigabytes. “I expect they’ll put more files online,” Bicchi said. The files were not published on the Darknet, but on the publicly accessible part of the Internet, on a hosting provider. According to Bicchi from calculation: This should create the greatest possible attention and pressure should be generated. In the meantime, the content has been removed by the hosting provider, according to the state press service at the instigation of the Ministry of the Interior.
The procedure was typical, said Bicchi: “The publication is there to make it clear to later victims that this will happen.” E-mails in particular are often stolen because: “You don’t have to know what’s inside to create a lot of pressure.”
New ultimatum on Monday
As Kurath told journalists on Friday afternoon, the hackers presented the country with a new ultimatum on a Darknet site earlier this week: If no ransom was paid, a “denial of service attack” was threatened, i.e. a targeted overload of the system to perform. In addition, the publication of stolen data was threatened. This attack began at the end of the week, but has so far been fended off, said Kurath: “Our IT system – also through an external service provider – is currently probably one of the best and most secure systems there is because it is secured several times is.”
Kurath also left the question of whether the hackers actually managed to siphon off data unconfirmed. “We can only say that a small area of data was read. We said from the start that it was unlikely, but we couldn’t rule out that data was also siphoned off.” Nor could Kurath confirm that passports or ATM cards were in circulation. He even doubted the latter: “We don’t issue ATM cards, we don’t have this sensitive data at all.”
Asked for five million dollars
The hacker attack became public on Tuesday a week ago. The state administration, district authorities, audit office and administrative court were affected by the hacker attack, the system was shut down and gradually restarted.
Soon after the crime, the international hacker group “Black Cat” reported and demanded a ransom of five million dollars in bitcoins. The state of Carinthia had said that the required sum would under no circumstances be paid – and that was also the case on Friday.
Source: Nachrichten
