(Adds details, quotes from military official)
By Andrea Shalal
BERLIN May 15 The German federal cyber agency,
BSI, on Monday said it was aware of additional German
institutions affected by the WannaCry "ransomware" cyber attack
beyond those companies already known, and it expected additional
variants of the virus to surface.
BSI President Arne Schoenbohm urged companies hit by the
virus to report attacks through normal confidential channels and
avoid payments to hackers under any circumstances.
"WannaCry is another urgent wakeup call to invest more in IT
security," Schoenbohm said in a statement, saying German
government networks were not affected, but some German companies
still needed to improve their security.
He said the infections had not increased this week but urged
companies to install a Microsoft patch that had been available
German rail operator Deutsche Bahn said on Saturday
that its systems were infected by a global cyber attack that
caused computer turmoil in nearly 100 countries over the weekend
and rolled into Asia on Monday.
Cyber attackers used ransomware to encrypt data on the
computers, demanding payments of $300 to $600 to restore access.
Victims were tricked into opening malicious attachments
to spam emails that appeared to contain invoices, job offers,
security warnings and other legitimate files.
Schoenbohm discussed the latest attacks and international
coordination efforts with his counterparts from Austria,
Switzerland and Luxembourg in Bonn on Monday, the BSI said.
Germany was the 13th most affected country by the attack,
Schoenbohm said, noting that various defensive measures
undertaken in recent years were paying off.
"But we can't give an all-clear. The ransomware remains in
circulation and is spreading in Germany," he said. "We expect
the perpetrators and copycats to continue to unleash new
Konstantin von Notz, a Greens lawmaker and member of the
parliamentary committee that oversees digitalisation, said
Germany urgently needed to clarify which government agency would
respond in the event of a major attack.
German officials are studying the issue and will make
initial recommendations in July, government sources said.
Von Notz said it was not clear who was behind the latest
attacks, but they involved software tools that had previously
been under the control of the U.S. National Security Agency.
He criticised the German government for buying software
flaws on the black market and using them to conduct espionage
instead of fixing them.
"That carries with it massive dangers," he said. "These back
doors that (the government) is using can also be used by
criminals and enemy intelligence agencies."
Roland Obersteg, a top officer with Germany's new military
cyber command, told a conference hosted by the German newspaper
Tagesspiegel that it was imperative for more companies to report
cyber attacks so authorities could better track threats.
He also called it "illusory" to think that the German
military would be able to respond immediately to a cyber attack
by shutting down an enemy server.
"We need three to nine months to plan, program and prepare
for such an action," he said. "That's not done overnight."
Both von Notz and Obersteg said Germany should adopt uniform
cyber security standards for government and the private sector.
(Reporting by Andrea Shalal; Editing by Michael Nienaber, Larry