After cyberattack: reorganization of the management structure at SĂĽdwestfalen-IT
The municipal service provider SĂĽdwestfalen-IT is restructuring its management, a year after a serious cyberattack. Two former managing directors have to go.
(Image: Tero Vesalainen/Shutterstock.com)
The municipal service provider SĂĽdwestfalen-IT (SIT) has drawn personnel consequences of the serious cyberattack last year. A former managing director who was still receiving a salary was dismissed. Disciplinary measures have been taken against other employees. This was reported on Monday by the industry service it-daily.net.
According to the online portal's report, SIT is also completely reorganizing its management structure. The previous organizational form with a "bloated" 119-member association assembly and a board dominated by politicians will be reformed, according to the report. In the future, more IT experts are to join the board. In addition, "clear responsibilities, streamlined decision-making processes and more professional management structures" are to help prevent security breakdowns in the future.
According to research by the local newspaper Westfalenpost, two former managing directors of SIT were dismissed. Although one of them has no longer been in active management since March 2022, he continued to receive his full salary. The other managing director left the municipal company shortly before the serious cyberattack on October 30, 2023. According to a compliance report by the law firm CMS, both disregarded basic security precautions.
Weak security precautions facilitate attack
The Akira ransomware gang took advantage of a weak password, a lack of multi-factor authentication and a poorly maintained VPN appliance to carry out the attack. The most far-reaching attack on the public sector in Germany to date affected over 70 municipalities with a total of around 1.7 million inhabitants. The local authorities finance SIT and have largely outsourced their IT to the company. Despite the catastrophic effects of the attack, SĂĽdwestfalen-IT and the local authorities refused to pay a ransom. It was not until nine months after the attack that the effects of the cyberattack were largely remedied.
However, the damage caused by the management failure was considerable, writes it-daily.net, and speaks of additional costs of at least 2.8 million euros incurred to date. Further six-figure investments in IT security are necessary. These will probably be financed by higher levies from the affected municipalities. However, the dismissed managers do not have to fear claims for damages. "Despite the massive omissions, the ex-managers have not been proven to be grossly negligent, which is why claims for damages are not planned," it says.
(akn)
