Material Damage from Police Server Attack Remains Unclear

In the aftermath of a cyberattack on a police server in Mecklenburg-Vorpommern, discussions among politicians from all parties about the implications of the incident continue. Over a month has passed since the breach, and the opposition parties, CDU and AfD, have reiterated their calls for a thorough investigation into the circumstances surrounding the attack.

During a session in Schwerin, CDU representatives presented a catalog of measures aimed at improving police IT security, while the AfD pushed for the appointment of a special investigator to ensure an unbiased inquiry. However, these proposals failed to gain majority support in the parliament.

Interior Minister Christian Pegel acknowledged that shortcomings in the internal reporting system contributed to the success of the hacker's efforts. Delays in communicating warnings about vulnerabilities in the server's operating software hindered timely countermeasures. Pegel emphasized the need for enhanced organizational safeguards within the state police to ensure that such warnings reach the appropriate parties promptly.

The compromised server, which supported police mobile devices, is set to be replaced. Current investigations are being carried out by a task force of computer specialists from the State Criminal Police Office (LKA) to determine the extent and impact of the attack, which is suspected to have originated from China. There are concerns that persistent malware could have been implanted on the server, potentially facilitating unauthorized data transfers.

Minister Pegel stated that it remains unclear whether any data was indeed extracted during the breach. However, it has been confirmed that sensitive investigative files were not compromised, as these are stored on separate, highly secure servers. Investigations are ongoing to assess the implications of the attack on police mobile devices, which are currently not operational. Should it be deemed necessary to replace the approximately 4,000 smartphones for security reasons, the financial repercussions could reach into the millions. The cost for the new server is estimated to be in the low six-figure range.

Opposition criticism has emerged regarding the government's inadequate response to prior warnings about weaknesses in the IT security architecture. CDU lawmaker Ann Christin von Allwörden accused the state government of failing to address these vulnerabilities. She advocated for better staffing and technical resources for IT security agencies in the region, as well as improvements to the early warning systems designed to detect and thwart cyberattacks.

Jens-Holger Schneider from the AfD expressed skepticism about the LKA's ability to independently investigate potential errors given its affiliation with the Interior Ministry. He argued for the necessity of an independent external investigator to uncover all shortcomings and restore confidence in the police's IT security.

In early June, the Interior Ministry disclosed details of the cyberattack affecting the server that connects police mobile devices known as mPol units. These devices enable officers to make calls, send and receive emails, access vehicle registration information, and verify identification documents. The ministry is currently evaluating whether the private use of these devices will continue in light of the incident.