The Association of German Chambers of Industry and Commerce (DIHK) took down its IT systems, digital services, phones and email servers in response to the cyberattack.

DIHK is a coalition of 79 chambers of commerce representing firms in Germany, including over three million members ranging from tiny stores to huge organizations. The organization provides its members with legal counsel, consulting, overseas trade advancement, training, economic growth, and support services. A brief message on the DIHK website explains the outage as a safety measure, and a means for IT staff to identify a solution and strengthen defences.

Systems are coming back, partially

Some business services are progressively being made accessible again following extensive testing to verify that they are safe to use. However, at the moment, the recovery is only fragmentary. Michael Bergmann, the General Manager of DIHK, confirmed that the cyberattack happened on Wednesday in a LinkedIn post, describing the event as ‘massive.’

Bergmann said that the DIHK could not foresee how long the shutdown measures would be required. While the incident appears to be ransomware-related, with systems getting shut down to prevent the propagation of the infection, this has yet to be formally acknowledged.

Major scale

None of the major ransomware extortion websites have announced a breach of the DIHK, though that would be premature. According to the German tech news blog Heise.de, the impact of the assault appears to have no geographical emphasis. Different divisions in North Rhine-Westphalia, Lower Saxony, Bavaria and Mecklenburg-Western Pomerania all verified issues.

For example, the Köln Chamber of Industry and Commerce warned the public that phone lines were only partially operational when its website was still down. The closure of the systems in Köln is also presented as a preventive step, which confirms suspicions of a ransomware assault.