Germany’s BSI federal cyber agency said on Friday that the threat posed to German firms by recent cyber attacks launched via a Ukrainian auditing software was greater than expected, and some German firms had seen production halted for over a week.
Analyses by computer experts showed that waves of attacks had been launched via software updates of the M.E.Doc accounting software since April, the BSI said in a statement.
That meant that companies that used the software might have been infected by the malicious software, even if there were no obvious signs of a breach, BSI said. Data backups carried out after April 13 should also be viewed as compromised.
“Some German firms have seen production and other critical processes laid still for over a week,” BSI President Arne Schoenbohm said. “It has resulted in millions of euros of damage, and this in a case where Germany got off lightly.