
Government Hack: Hack on German Government via E-Learning Software Ilias

The German government was hacked via the learning platform Ilias, which is used at the government's own university. The university was running an old version with various security vulnerabilities.

Article by Hanno Böck
The German government used software called Ilias for education purposes - and that software has the default password "homer". (Image: Wikimedia Commons)

Employees of the public administration in Germany can usually use educational programs on the website lernplattform-bakoev.bund.de. But the website, which is operated by the university of the German government, is currently not available. Visitors only get an error message: "The learning platform Ilias is currently unavailable. It was disabled due to a recommendation from the BSI." The BSI is the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik). This is the platform through which the attack on the German government supposedly happened.


The BSI stated that it has no knowledge of security vulnerabilities in Ilias; the Ministry of the Interior declined to make further comments. Golem.de has taken a look at the software.

The error message confirms previous media reports according to which an e-learning service of the government was the entry point for the malware attack. By modifying an online course, the attackers were able to infect 17 computers of the Federal Foreign Office, as reported by the newspaper Frankfurter Allgemeine Sonntagszeitung. The attack was detected in December 2017, but it is believed to have already been active for several months at that point. Previous reports said that the German government was informed about the infected computers by a secret service of another country.

Although individual computers connected to the IVBB (Informationsverbund Bonn Berlin) network were compromised, there is no clear indication that IVBB network infrastructure was compromised. IVBB is the German government's secure network for communicating certain classified information. According to media reports security authorities believe the attack was of Russian origin.

Ilias confirms hack of its software


Ilias is an open source project that is used at several universities and other public institutions. It was developed by an organization located in Cologne. On Ilias's public administrators mailing list, product manager Matthias Kunkel wrote on March 8th that "an installation of the Ilias software was supposedly involved" in the hack of the government's network. However, the organization currently has no detailed information about the security vulnerabilities that were used. It wants to discuss the issue at its developer conference next week in the city of Halle/Saale.

Answering a request from Golem.de, Matthias Kunkel from Ilias commented on the software. He said: "The organization Ilias open source e-Learning e.V. publishes Ilias as an open source software and coordinates the software development. Yet the individual Ilias installations are operated by their corresponding institutions or companies that use Ilias for their e-learning purposes." The installation that was taken offline "is operated by the University of the German Government".

There are a number of security vulnerabilities that attackers could have used.
