'Massive' cyberattack hits German Chambers of Industry and Commerce

The email and website of the German Chambers of Industry and Commerce (DIHK) — an organization representing millions of businesses – are still down as it tries to recover from a cyberattack that began on Thursday.

The organization did not respond to requests for comment but said on Twitter that only its phone system is still working. The DIHK helps companies with legal issues, provides general support, and promotes German businesses internationally.

On Thursday, the organization said that due to a possible cyberattack, it was shutting down its IT system as a “precautionary” measure. 

Aktuell wird intensiv an Lösung und Abwehr gearbeitet. Wir informieren Sie hier, welche Anwendungen wieder funktionsfähig sind: https://t.co/LtrMItl8Sb#IHK #DIHK pic.twitter.com/5OHMOLH7Mz

— DIHK (@DIHK_News) August 4, 2022

“We are currently working intensively on a solution and defense. After being checked, the IT systems are gradually being started up so that the services for companies are then available again,” the organization said on Thursday.  

Michael Bergmann, chief executive of DIHK, took to LinkedIn to say the cyberattack was “serious” and “massive,” noting that all internet connections at the organization were shut off as a way to address the issue. 

Initially, phone, email and website were turned off and Bergmann said it was unclear how long they would be down. 

The attack, which carried the hallmarks of a ransomware incident, was having downstream effects on the 79 local arms of the organization.

The DIHK offices in Frankfurt, Cologne, Berlin, Lippe and more released statements online confirming that their phone systems were back up and running but that other systems were still down. 

Update: Wir sind leider weiterhin nicht via Mail erreichbar, auch die Internetseite ist down. Aber: Telefonisch sind wir erreichbar. Die zentrale Rufnummer lautet 0221-1640 0. Auch vor Ort sind wir persönlich erreichbar, in Zentrale und Geschäftsstellen.

— IHK Köln (@ihkkoeln) August 5, 2022

Attacks on German organizations have increased over the last year. In April, the LockBit ransomware group attacked popular German library service Onleihe. The same month, German wind farm operator Deutsche Windtechnik was crippled by a cyberattack, while German wind turbine maker Nordex was forced to shut down its IT systems across multiple locations and business units after it was hit with a cyberattack in March.

Not long before, a cyberattack on satellite communications company Viasat caused the malfunction of 5,800 Enercon wind turbines in Germany.

Oil companies Oiltanking and Mabanaft, both owned by German logistics conglomerate Marquard & Bahls, suffered a cyberattack that crippled their loading and unloading systems in February. The attacks forced Shell to reroute oil supplies to other depots.