Some of the Üstra systems are at a standstill after they have been hit by a cyber attack which was later detected by the organization.
Prior to the anticipated commencement of the Deutschlandticket sales, Üstra staff are likely working hard to regain control of the computer systems.
By using a malicious email attachment that encrypts content, the hackers broke into the IT systems.
For investigative purposes and investigative method, Üstra refrained from commenting on the ransom demand, although one must exist or one will materialise.
TPRM report: https://scoringcyber.rankiteo.com/company/üstra-hannoversche-verkehrsbetriebe-ag
"id": "str134930723",
"linkid": "üstra-hannoversche-verkehrsbetriebe-ag",
"type": "Ransomware",
"date": "04/2023",
"severity": "75",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'industry': 'Transportation',
'name': 'Üstra',
'type': 'Public Transportation Company'}],
'attack_vector': 'Malicious email attachment',
'data_breach': {'data_encryption': 'Yes'},
'description': 'Some of the Üstra systems are at a standstill after they have '
'been hit by a cyber attack which was later detected by the '
'organization. Prior to the anticipated commencement of the '
'Deutschlandticket sales, Üstra staff are likely working hard '
'to regain control of the computer systems. By using a '
'malicious email attachment that encrypts content, the hackers '
'broke into the IT systems. For investigative purposes and '
'investigative method, Üstra refrained from commenting on the '
'ransom demand, although one must exist or one will '
'materialise.',
'impact': {'systems_affected': ['Üstra systems']},
'initial_access_broker': {'entry_point': 'Malicious email attachment'},
'motivation': 'Financial gain',
'ransomware': {'data_encryption': 'Yes'},
'title': 'Üstra Cyber Attack',
'type': 'Ransomware'}