Cyberattacks against authorities – what you need to know

Cyberattacks can hit anyone – including authorities

For example, a website can go offline, but the entire network can also be affected. Aside from financial losses, confidential information sometimes falls into the wrong hands, with devastating consequences: data loss, system failure, liability claims due to a data protection violation and reputational damage are just some examples.

In order to penetrate IT systems, the perpetrators try to trick employees of the authority concerned into doing something they would not otherwise do, e.g. opening an email attachment, clicking on a link, entering personal data such as passwords or making a payment.

Common method: social engineering

A common method is called social engineering, which often involves the perpetrators finding out about the administrative structure in advance. This is done using publicly accessible information on the website of the communal administration or social media, for instance. A target is then selected and confronted with a tailor-made scenario. For example, the perpetrators attempt to obtain usernames and passwords by pretending to be employees of a software company on the phone. By claiming acute computer problems and feigning knowledge of the company, they unsettle the target enough to divulge the desired information. Sometimes, criminals also misuse the names of administrative units, e.g. the tax administration, or of energy suppliers in their emails or phone calls.

Types of manipulation

Hierarchy

The perpetrators exploit the hierarchical organisational structure and create a certain amount of pressure to act. They usually assume the identity of a superior and ask an employee to disclose sensitive information or transfer money on his or her behalf. 

Time pressure

The target is tricked into thinking that they have to act under time pressure. 

Greed/curiosity

The target is promised a prize or a surprise in return for opening the file or clicking on the link.

Fear/anger

The perpetrators threaten targets with consequences if they do not comply with the request, or make obviously false statements that the target is supposed to correct by clicking on a malicious link.

Sympathy

The topic presented appeals emotionally to the target, who wants to help remedy a grievance, for example.

Technical and organisational measures

Of course, cyberattacks are not only caused by employees, but also by insufficiently protected IT systems.

An overview of technical and organisational measures can be found on this page: 
Protect your authority

The most frequent types of threat

Once cybercriminals have gained access to IT systems, the following are the most frequent types of threat that lurk:

Last modification 09.12.2021


https://www.ncsc.admin.ch/content/ncsc/en/home/infos-fuer/infos-behoerden/aktuelle-themen/cyberangriffe-gegen-behoerden.html