Government Hack: Hack on German Government via E-Learning Software Ilias

The German government was hacked via the learning plattform Ilias, which is used at the government's own university. The university was using an old version with various security vulnerabilities.

Artikel veröffentlicht am , Hanno Böck/
The German government used a software called Ilias for education purposes - and that software has the standard password "homer".
The German government used a software called Ilias for education purposes - and that software has the standard password "homer". (Bild: Wikimedia Commons)

Employees of the public administration in Germany can use educational programs on the webpage lernplattform-bakoev.bund.de - usually. But the webpage, which is operated by the University of the German government, is currently not available. Visitors only get an error message: "The learning plattform Ilias is currently unavailable. It was disabled due to a recommendation from the BSI." The BSI is the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik). It's this platform via which the hacker attack on the German government supposedly happened.

Inhalt:
  1. Government Hack: Hack on German Government via E-Learning Software Ilias
  2. University uses old version with known Vulnerabilities

The BSI stated that is has no knowledge of security vulnerabilities in Ilias, the Ministry of Interior declined to make further comments. Golem.de has taken a look at the software.

The error message confirms previous media reports according to which an e-learning service of the government was the entry point for the malware attack. By modifying an online course the attackers were able to infect 17 computers of the Federal Foreign Office, as reported by the newspaper Frankfurter Allgemeine Sonntagszeitung. The attack was detected in December 2017, but it is supposed that it had already been active for several months at that point. Previous reports said that the German government was informed by a secret service of another country about the infected computers.

Although individual computers connected to the IVBB (Informationsverbund Bonn Berlin) network were compromised, there is no clear indication that IVBB network infrastructure was compromised. IVBB is the German government's secure network for communicating certain classified information. According to media reports security authorities believe the attack was of Russian origin.

Ilias confirms hack of its software

Stellenmarkt
  1. Mitarbeiter Online-Marketing (m/w/d)
    Blickle Räder+Rollen GmbH u. Co. KG, Rosenfeld
  2. Cloud & Data Solution Architect (m/w/d)
    Dr. Pfleger Arzneimittel GmbH, Bamberg
Detailsuche

Ilias is an open source project, it is used at several Universities and other public institutions. It was developed by an organization located in Cologne. On the public administrators mailing list of Ilias the product manager Matthias Kunkel wrote on March 8th that "an Instalaltion of the Ilias-Software was supposedly involved" in the Hack of the network of the Government. However currently they have no detailed information about the used security vulnerabilities. The organization wants to discuss the issue at their developer conference next week in the city of Halle/Saale.

Answering a request from Golem.de Matthias Kunkel from Ilias commented on the software. He said: "The organization Ilias open source e-Learning e.V. publishes Ilias as an open source software and coordinates the software development. Yet the individual Ilias installations are operated by their corresponding institutions or companies that use Ilias for their e-learning purposes." The installation that was taken offline "is operated by the University of the German Government".

There are a number of security vulnerabilities that attackers could have used.

Bitte aktivieren Sie Javascript.
Oder nutzen Sie das Golem-pur-Angebot
und lesen Golem.de
  • ohne Werbung
  • mit ausgeschaltetem Javascript
  • mit RSS-Volltext-Feed
University uses old version with known Vulnerabilities 
  1. 1
  2. 2
  3.  


Aktuell auf der Startseite von Golem.de
Microsoft Office  
BGP-Fehler macht zahlreichen Telekom-Kunden Probleme

Zahlreiche Telekom-Kunden hatten am Morgen Probleme, sich etwa mit Microsofts Online-Diensten zu verbinden. Grund ist wohl ein BGP-Fehler.

Microsoft Office: BGP-Fehler macht zahlreichen Telekom-Kunden Probleme
Artikel
  1. Bitcoin, Ethereum & Co.: Ausgerechnet der Wolf of Wallstreet fordert Regulierung
    Bitcoin, Ethereum & Co.
    Ausgerechnet der Wolf of Wallstreet fordert Regulierung

    Jordan Belfort ist der Meinung, dass eine Regulierung von Kryptowährungen wie Bitcoin gut wäre. Seine Einschätzung basiert auf Erfahrung.

  2. Sony: Beta-Firmware erlaubt SSD-Einbau in Playstation 5
    Sony
    Beta-Firmware erlaubt SSD-Einbau in Playstation 5

    Die Beta-Tester können aufrüsten: Mit der noch unfertigen Firmware ist der Einbau von zusätzlichem Massenspeicher in der PS5 möglich.

  3. Wie du durch Hacking besser entwickeln lernst
     
    Wie du durch Hacking besser entwickeln lernst

    Wer sichere Anwendungen bauen will, sollte von Hackern lernen, sagt Paul Molin, Web Application Security Evangelist bei Theodo - und zeigt, wie es geht.
    Sponsored Post von Golem.de

hg (Golem.de) 12. Mär 2018

Wir haben in diesem Fall auch eine englische Version des Artikels gemacht, weil wir die...



  • Schnäppchen, Rabatte und Top-Angebote
    Die besten Deals des Tages
    Schnäppchen • PS5 jetzt bestellbar • EA-Spiele (PC) günstiger (u. a. Battlefield 5 5,99€) • Asus TUF Gaming 23,8" FHD 144Hz 169€ • Acer-Chromebooks zu Bestpreisen • Philips 65" Ambilight 679€ • Bosch Professional günstiger [Werbung]
    •  /