Skip to content

The IT dependency of German universities on US software and technology

Overview German universities are heavily dependent on US American technologies in almost all areas of digital infrastructure. This dependency includes cloud services, productivity software, operating systems, AI tools, and research platforms. While US providers such as Microsoft, Google, Amazon, and NVIDIA offer enormous advantages in scalability, user-friendliness, and speed of innovation, this creates significant risks for data protection, strategic autonomy, and geopolitical resilience. As of January 2026, awareness of this issue has significantly increased in academia and politics – yet practical change remains slow. Current extent of dependency The dependency is structurally deeply rooted and affects almost all levels of university operations: Current reports show: The German economy – and thus also the universities – sees itself as too dependent on US cloud and software providers by 75-80%. The situation at universities is similar or even more pronounced, as innovation and international cooperation often take precedence over sovereignty. Risks and… 

more »The IT dependency of German universities on US software and technology

Hard Questions: Exclusive Interview with Germany's Cyber Defense Expert Thomas Kress

Thomas Kress is one of the most prominent IT security experts in the German-speaking world and CEO of Deutsche CyberKom. After more than 25 years in leadership roles in international IT projects, he founded his own company, which today strategically combines IT security and telecommunications under the umbrella of Deutsche CyberKom. As a sought-after specialist author, he publishes in leading IT and business publications. As a consultant, he advises leading companies and system houses on security issues, infrastructure, and digital sovereignty. As part of our interview series "Hard Questions," Kress answered questions from LabNews Media.   Germany is significantly lagging behind in cyber defense; there are no comparable institutions to the NSA or GCHQ. What needs to change?   While Germany has taken important steps in cyber security in recent years – for example, through the Federal Office for Information Security (BSI), the National Cyber Defense Center, and close integration into the European agency ENISA… 

more »Hard Questions: Exclusive Interview with Germany's Cyber Defense Expert Thomas Kress

Hacker attack on the electronic patient record: Germany's disaster

In the spring of 2025, another security incident dominated headlines in Germany: the electronic patient record (ePA), a central element of digitalization in healthcare, was once again the target of hacker attacks. This incident sheds light on the massive problems associated with the widespread introduction of the ePA and raises the question of how secure the sensitive health data of millions of citizens truly is. The Electronic Patient Record: An Ambitious Project The ePA was introduced as a milestone in healthcare digitalization as part of the Digital Law (DigiG). Since April 29, 2025, it has been available nationwide for approximately 73 million statutory insured individuals, after a pilot phase in model regions such as Hamburg, Franconia, and parts of North Rhine-Westphalia was completed. The goal of the ePA is to store health data such as doctor's letters, lab results, medication plans, and X-ray images centrally and digitally. Insured individuals can access their data via an app from their health insurance company, manage access rights, and upload documents. Doctors,… 

more »Hacker Attack on Electronic Patient Record: Germany's Disaster

APT Cyber Attacks Threaten Germany's Healthcare System

Cyberattacks by Advanced Persistent Threats (APTs) pose an enormous threat to the healthcare system and are difficult to fend off for several reasons. According to a study by Sophos, ransomware attacks on healthcare facilities reached a four-year high in 2024, with 67% of surveyed organizations affected[4]. The complexity and severity of attacks are increasing, reflected in longer recovery times. Only 22% of victims were able to recover within a week in 2024, compared to 47% the previous year[4]. A major reason for the healthcare sector's vulnerability is the increasing digitalization and networking of medical devices and systems. Modern heart implants, for example, transmit information wirelessly, which, while improving patient care, also creates new attack vectors[1]. In the worst-case scenario, a successful hack could lead to a patient's death. The dependence on digital systems makes hospitals attractive targets for cybercriminals. If network-controlled infusion pumps or digital patient records fail, patient care is immediately at… 

more »APT Cyber Attacks Threaten Germany's Healthcare System

Gene analysis company pays millions in fines after cyberattack

US genetic analysis startup 23andMe has agreed to pay $30 million in damages to affected customers to settle a class-action lawsuit[1]. The settlement follows a massive data breach in 2023, in which criminals gained access to the data of over 6.9 million users[1]. Details of the incident The hackers apparently specifically targeted the genetic information of Ashkenazi Jewish and Chinese users[1]. In addition to direct customer information, data of potential relatives linked to the profiles via the "DNA Relatives" platform feature were also stolen[1]. Compensation and security measures In addition to financial compensation, those affected are expected to receive access to a security monitoring program for three years[1]. The company can only afford the $30 million compensation sum because it is expected that $25 million will be covered by insurance[1]. Chronology and extent 23andMe initially announced the data leak in October 2023, with the full...

more »Genetic analysis company pays millions in fines after cyberattack

Laboratory medicine would collapse 7 days after a cyberattack

A realistic scenario for the collapse of laboratory medicine in Germany within seven days after a cyberattack could look like this: Day 1-2: Initial attack and system failure A coordinated ransomware attack simultaneously hits several large laboratory chains and university hospitals in Germany[1]. The attackers encrypt critical systems and demand high ransom payments. Many laboratories have to cease operations as they can no longer access patient data and analysis equipment[2]. Day 3-4: Cascading effects and overload Smaller laboratories and hospitals are flooded with requests as patients and doctors desperately search for alternatives. The remaining functioning laboratories are quickly overloaded and cannot cope with the demand[3]. Delays in patient diagnosis and treatment are mounting. Day 5-6: Supply shortages and emergency measures Hospitals have to postpone non-urgent surgeries as preoperative laboratory tests cannot be performed. Emergency rooms are overcrowded. Chronically ill patients who require regular laboratory checks are particularly at risk[4]....

more »Laboratory medicine would collapse 7 days after cyberattack
Healthcare is one of the main targets of cybercriminals. Prompt: LabNews.

Massive cyberattacks hit Germany

Here is a list of the largest cyberattacks in the medical sector and other industries from late 2023 to early 2024, based on available information: 1. GBI-Genios Deutsche Wirtschaftsdatenbank – April 2024¹ 2. Thyssenkrupp – February 2024¹ 3. PSI Software – February 2024¹ 4. Kind Hörgeräte – February 2024¹ 5. Varta – February 2024¹ 6. Anydesk – February 2024¹ 7. Unfallkasse Thüringen – December 2023/January 2024 (Ransomware)¹ 8. ODAV AG – January 2024¹ 9. Transdev – January 2024¹ 10. Junghans-Wolle/Pro Idee – December 2023 (Ransomware)¹ 11. Allgaier Automotive – December 2023¹ 12. Erfo Bekleidungswerk – December 2023 (Ransomware)¹ 13. KaDeWe – November 2023 (Ransomware)¹ 14. Bauer AG – 2023¹ 15. Südwestfalen IT – October 2023 (Ransomware)¹ 16. Motel One – October 2023 (Ransomware)¹ 17. Häffner – October 2023 (Ransomware)¹ 18. HochsauerlandWasser, Hochsauerland Energie – September/October 2023 (Ransomware)¹ 19. degenia Versicherungsdienst AG –…

more »Massive Cyberattacks Hit Germany

Clinic labs vulnerable via IT weaknesses

The CISA KEV database tracks vulnerabilities exploited in publicly known attacks. In our research, we found that 63% of KEVs tracked by CISA are found in healthcare networks, and 23% of medical devices (imaging systems, clinical IoT devices, surgical devices) have at least one KEV. A recent report shows that older medical devices running on unsupported and/or unmanaged operating systems are widespread in hospital networks. These systems are considered legacy by their respective vendors and no longer receive security or feature updates. Below are some data points on legacy systems from our research. https://claroty.com/resources/reports/state-of-cps-security-report-healthcare-2023 Lab Cyberdefense

Cybersecurity at NSA level

We provide individual consulting and present the vulnerabilities of your network. Our globally operating team consists of IT experts who have worked in NATO cyber defense. Former cyber defense specialists from the US NSA and the British GCHQ are also part of the team. We don't sell simple products. We offer highly complex solutions that protect your data and all critical infrastructure you operate against APT attacks. Furthermore, we will find out for you whether your network has already been infiltrated with APT vectors. Because you should keep your laboratory and patient data with you – and not find your research results unintentionally in third countries or the darknet. Contact exclusively via Threema, use the following code: 2RJFCDBH

Black Cat cripples drug supply

Nine days after a Russian-speaking ransomware syndicate crippled the largest US healthcare payment processor, pharmacies, healthcare providers, and patients were still struggling to fill prescriptions for medications, many of which are life-saving. ArsTechnica reports. "On Thursday, UnitedHealth Group accused a notorious ransomware gang called AlphV and Black Cat of hacking its subsidiary Optum," the magazine said, adding, "Optum offers a nationwide network called Change Healthcare, which allows healthcare providers to manage customer payments and insurance claims. Since pharmacies did not have an easy way to calculate which costs were covered by insurance companies, many had to resort to alternative services or offline methods." https://status.changehealthcare.com/incidents/hqpjz25fn3n7