Government Hack: Hack on German Government via E-Learning Software Ilias

The German government was hacked via the learning plattform Ilias, which is used at the government's own university. The university was using an old version with various security vulnerabilities.

Artikel veröffentlicht am , Hanno Böck/
The German government used a software called Ilias for education purposes - and that software has the standard password "homer".
The German government used a software called Ilias for education purposes - and that software has the standard password "homer". (Bild: Wikimedia Commons)

Employees of the public administration in Germany can use educational programs on the webpage lernplattform-bakoev.bund.de - usually. But the webpage, which is operated by the University of the German government, is currently not available. Visitors only get an error message: "The learning plattform Ilias is currently unavailable. It was disabled due to a recommendation from the BSI." The BSI is the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik). It's this platform via which the hacker attack on the German government supposedly happened.

Inhalt:
  1. Government Hack: Hack on German Government via E-Learning Software Ilias
  2. University uses old version with known Vulnerabilities

The BSI stated that is has no knowledge of security vulnerabilities in Ilias, the Ministry of Interior declined to make further comments. Golem.de has taken a look at the software.

The error message confirms previous media reports according to which an e-learning service of the government was the entry point for the malware attack. By modifying an online course the attackers were able to infect 17 computers of the Federal Foreign Office, as reported by the newspaper Frankfurter Allgemeine Sonntagszeitung. The attack was detected in December 2017, but it is supposed that it had already been active for several months at that point. Previous reports said that the German government was informed by a secret service of another country about the infected computers.

Although individual computers connected to the IVBB (Informationsverbund Bonn Berlin) network were compromised, there is no clear indication that IVBB network infrastructure was compromised. IVBB is the German government's secure network for communicating certain classified information. According to media reports security authorities believe the attack was of Russian origin.

Ilias confirms hack of its software

Stellenmarkt
  1. Expertinnen bzw. Experten Qualitätssicherung in der Softwareentwicklung (w/m/d)
    Statistisches Bundesamt, Wiesbaden
  2. Cloud-Server-Administrator (m/w/d) Microsoft
    Mainova AG, Frankfurt am Main
Detailsuche

Ilias is an open source project, it is used at several Universities and other public institutions. It was developed by an organization located in Cologne. On the public administrators mailing list of Ilias the product manager Matthias Kunkel wrote on March 8th that "an Instalaltion of the Ilias-Software was supposedly involved" in the Hack of the network of the Government. However currently they have no detailed information about the used security vulnerabilities. The organization wants to discuss the issue at their developer conference next week in the city of Halle/Saale.

Answering a request from Golem.de Matthias Kunkel from Ilias commented on the software. He said: "The organization Ilias open source e-Learning e.V. publishes Ilias as an open source software and coordinates the software development. Yet the individual Ilias installations are operated by their corresponding institutions or companies that use Ilias for their e-learning purposes." The installation that was taken offline "is operated by the University of the German Government".

There are a number of security vulnerabilities that attackers could have used.

Bitte aktivieren Sie Javascript.
Oder nutzen Sie das Golem-pur-Angebot
und lesen Golem.de
  • ohne Werbung
  • mit ausgeschaltetem Javascript
  • mit RSS-Volltext-Feed
University uses old version with known Vulnerabilities 
  1. 1
  2. 2
  3.  


Aktuell auf der Startseite von Golem.de
Bundesservice Telekommunikation  
Ist eine scheinexistente Behörde für Wikipedia relevant?

Die IT-Sicherheitsexpertin Lilith Wittmann hat eine dubiose Bundesbehörde ohne Budget entdeckt. Reicht das für einen Wikipedia-Artikel?

Bundesservice Telekommunikation: Ist eine scheinexistente Behörde für Wikipedia relevant?
Artikel
  1. Elektroauto: VW e-Up ab Mitte Februar wieder bestellbar
    Elektroauto
    VW e-Up ab Mitte Februar wieder bestellbar

    Der e-Up gehörte 2021 zu den meistgekauften Elektroautos. Nun will VW den Kleinwagen wieder verfügbar machen.

  2. Bitcoin, Ethereum: Was steuerlich bei Kryptowährungen gilt
    Bitcoin, Ethereum
    Was steuerlich bei Kryptowährungen gilt

    Kryptowährungen wie Bitcoin sind unter Anlegern beliebt - doch wie muss man die Gewinne eigentlich versteuern?

  3. Neues Geschäftsmodell: Luca-App plant flexible Abos und will Preise senken
    Neues Geschäftsmodell
    Luca-App plant flexible Abos und will Preise senken

    Angesichts drohender Kündigungen will die Luca-App den Bundesländern entgegenkommen.

Du willst dich mit Golem.de beruflich verändern oder weiterbilden?
Zum Stellenmarkt
Zur Akademie
Zum Coaching
  • Schnäppchen, Rabatte und Top-Angebote
    Die besten Deals des Tages
    Daily Deals • Bosch Professional zu Bestpreisen • WSV bei MediaMarkt • Asus Vivobook Flip 14" 8GB 512GB SSD 567€ • Philips OLED 65" Ambilight 1.699€ • RX 6900 16GB 1.489€ • Samsung QLED-TVs günstiger • Asus Gaming-Notebook 17“ R9 RTX3060 1.599€ • Seagate 20TB SATA HDD [Werbung]
    •  /