Cyberattack Report: Russian hackers infiltrated German government systems

Hackers have penetrated the German government's data network. Russia's cyberspying group APT28 is said to be responsible.
Quelle: dpa
Dangers lurking in the dark.
(Source: dpa)

Russian hackers have invaded the data network of the German federal government's security agencies, according to German press agency DPA.

The hackers – reportedly cyberspies of the Russian group APT28, also known as Fancy Bear – have breached the German government's highly protected computer network, security sources revealed.

The German Interior Ministry confirmed a cyberattack on Wednesday, although the country's security agencies found out about it last December. At that point, the infiltration may have already been going on for an entire year.

The Interior Ministry spokesman said no authorities "outside the federal administration" have been affected. Within the federal administration, the attack was "isolated" and had been "brought under control," the spokesman added.

Earlier media reports stated that the Foreign and Defense ministries were targeted in the attack, which has not been confirmed so far. The country's intelligence agencies are investigating attacks on more than one ministry and have since taken measures to protect the government's data.

APT28 reportedly used malicious software to capture government data over several months. The German authorities are now trying to determine how deeply the hackers managed to invade the government network. Tracing the exact point of origin of highly sophisticated cyberattacks is often difficult. The federal government registers around 20 highly specialized hacker attacks on its computers every day, most of which are thwarted.

The Digital Committee in parliament wants to meet for a special session on Thursday, according to members of the opposition Free Democratic and Greens parties. "The successful cyberattack shows that the federal government's data network is not sufficiently protected. Given the sensitive information this is an unacceptable situation," said the digital policy spokesman of the FDP faction, Manuel Höferlin.

APT28, which stands for Advanced Persistent Threat, was previously linked to an attack on Germany's lower house of parliament, the Bundestag, and Chancellor Angela Merkel's conservative party in 2015. Many security experts believe Fancy Bear is affiliated with the Russian government.

The group has also been accused of carrying out cyberattacks on NATO, the 2018 Winter Olympics, other European governments and the US Democratic Party during the 2016 presidential election. In early 2016, the private email account of Hillary Clinton's then-campaign chairman John Podesta was hacked. His stolen emails were later released on Wikileaks.

Stephanie Ott is a writer and editor for Handelsblatt Global in New York. To contact the author: [email protected].