Cyber Incident Victim: Hesse
Date:
Jul 2024
Location:
Germany
Summary
A cyberattack targeted the Frankfurt University of Applied Sciences, compromising parts of its IT infrastructure and prompting immediate security measures. The institution shut down external access to systems and disabled services, disrupting online enrollments, website functionality, and elevator operations. Internal communications were maintained via campus networks and social media platforms, while in-person classes continued unaffected. Authorities, including police, were notified, though restoration timelines remain unclear. This incident follows recent attacks on other regional academic and law enforcement institutions, highlighting recurring cybersecurity challenges in the sector.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On July 6, 2024, at approximately 20:00 local time, unidentified attackers breached portions of the IT infrastructure at Frankfurt University of Applied Sciences (UAS). The institution confirmed on Monday that it had fallen victim to what it described as a "serious hacker attack," though the specific intrusion method remained undisclosed. Despite what the university characterized as "very high security precautions," the threat actors successfully compromised systems, prompting immediate containment measures. Administrators disabled external access to IT systems and shut down multiple services as a precautionary response. This action rendered the official university website inaccessible and disrupted online enrollment processes. Physical safety systems were also affected, with elevators in campus buildings deliberately deactivated due to security concerns.
The university maintained limited communication through a maintenance status page and its LinkedIn and Facebook profiles, while internal updates were disseminated via the campus network. In-person classes continued unaffected despite the IT outage. Law enforcement agencies and relevant authorities were notified, though no details regarding investigative progress or potential data compromise were disclosed. The incident followed a pattern of recent cyberattacks against regional academic institutions, including a May 2024 breach at the Wiesbaden Police University involving sensitive data theft, a prior email leak at Mainz University Medical Center, and an October 2023 attack on Frankfurt University Hospital that forced manual billing processes. Restoration timelines for UAS systems remained uncertain as of the latest available reports.