Major Cybercrime Bust: Six Arrested for 2019 Ryuk Attack on German City
In a significant blow to international cybercriminals, a major investigation into a 2019 cyberattack on Neustadt am Rübenberge's city administration has led to arrest warrants for six suspects. The attack, carried out using the Ryuk malware, resulted in a substantial ransom demand and threatened data deletion.
The suspects are believed to be part of the 'Wizard Spider' network, an internationally active group based in places like Russia. Two of the suspects are directly linked to the attack on Neustadt am Rübenberge. The investigation, led by the Central Office for Combating Cybercrime and the Specialist Commission Cybercrime, revealed that the attackers had gained access to systems over several weeks, rendering backup systems unusable.
Through international cooperation, arrest warrants were issued for the six suspects, with three in pre-trial detention in Austria, two in Spain, and five in Colombia. The main suspect, a 39-year-old Turkish national, remains at large. Additionally, five suspected money launderers were identified and arrest warrants were initiated against them. The attack is part of a larger pattern, with 170 German cases involving the group between 2018 and 2021, resulting in documented damage of 46 million euros.
The Police Directorate Hannover has warned of the continuing threat to authorities, institutions, and companies from malware. They urge regular system updates, employee training, backups, and immediate reporting of cyberattacks to mitigate the risk. The international cooperation in this case demonstrates the commitment to combating cybercrime and bringing perpetrators to justice.
