Cyber Attack On German Government

Cyber spies belonging to the Russian hacker group "APT28" are said to have attacked the federal government's sensitive data network. 

 Kremlin spokesman Dmitry Peskov on Friday 2nd March dismissed a suggestion that Russian hackers were behind a cyber-attack in Germany, saying that Russia was now being blamed for any such attack and without any proof. 

What we know

The security authorities first noticed the attack in mid-December. It is said to have begun no later than summer 2017, in the midst of the election campaign for the September Bundestag elections. It may well be that the attack started much earlier - the security services have not ruled out that it has been going on for a year.

According to information from German intelligence circles, the Russian hacker collective APT28 is behind the attack. Digital security experts also suspect that the Russian government is linked to the hacker group. However, it cannot be completely ruled out that other hackers or countries are also behind the attack, digital traces can also be easily falsified.

According to information from security circles, the foreign and defence ministries have been attacked.

The attack is still ongoing. On Thursday 1st March the Bundestag’s intelligence committee confirmed that the attack was still taking place. Armin Schuster, the head of the committee said that “any public discussion of the attack’s details would be a warning to the attackers that we don’t want to give.” The security services have allowed the attack to continue in order to gather information on the hackers, according to dpa security sources.

But state officials insist it is under control.

The interior ministry's parliamentary state secretary, Ole Schroeder, told regional newspaper group RND that the attack was "under control" after "a very successful operation by the federal security authorities".

"We succeeded, through excellent cooperation, to isolate and bring under control a hacker attack on the federal network," he said, adding however that the security measures had "not yet been completed."

What we don’t know

The attackers are said to have searched for data on specific topics. Rather than steal vast quantities of data, the hackers reportedly chose their targets very carefully. Patrick Sensburg, an MP for the Christian Democrats, said on broadcaster ZDF that it was necessary to check whether any data had been leaked. This isn’t the first time that the APT28 has been accused of hacking German state computer systems. In 2015 they allegedly hacked the Bundestag and stole a total of about 16 gigabytes of data, according to German intelligence services.

Some security experts have however said there is not definitive proof the ATP28 were behind that attack, as the software they use is available online.

Further victims? It is unclear whether other institutions connected to the federal data network, such as security authorities, are also affected by the hacker attack. If the hackers penetrated deeper into the network, the consequences for security would be unforeseeable.

There are many different ways to carry out such an attack. For example, in the cyber-attack on the Bundestag, the Trojans that were ultimately used were assembled in the parliament's network from individual parts hidden in various mail attachments. But nothing has yet leaked out into the public domain on how this attack was carried out.

It is still unclear at this stage what the attack means for the government data network. After the Bundestag attack in 2015, it was the case that in a time-consuming and costly action, the entire data network had to be redesigned.

The Local:         Reuters:

You Might Also Read: 

German Spies Warn Of Chinese Espionage:

Was The German Election Hacked?:

« UK Cyber Attacks Will ‘Get Worse’ Post-Brexit
High Performance Face Recognition »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IEEE Computer Society

IEEE Computer Society

The IEEE Computer Society is the world's leading membership organization dedicated to computer science and technology.

FAMOC

FAMOC

FAMOC is an enterprise mobile management solution that delivers comprehensive security and management for applications, documents, email, and mobile devices.

CyberSecurity Malaysia

CyberSecurity Malaysia

CyberSecurity Malaysia is the national cyber security specialist agency under the Ministry of Science, Technology and Innovation (MOSTI).

Granite Partners

Granite Partners

Granite is a cloud service for the development of business risk management, cyber security and privacy and occupational safety and health.

Huntsman Security

Huntsman Security

Huntsman Security provides technology to enable real-time security monitoring and immediate visibility of advanced threats and compliance issues.

Niksun

Niksun

Niksun's forensics-based cyber security and network performance monitoring products provide customers with actionable insight into security threats, performance issues, and compliance risks.

SANS CyberStart

SANS CyberStart

SANS CyberStart is a unique and innovative suite of tools and games designed to introduce children and young adults to the field of cyber security.

Infopulse

Infopulse

Infopulse is a global provider of Software Engineering, Cloud & IT Infrastructure Management, and Cybersecurity services.

ColorTokens

ColorTokens

ColorTokens Xtended ZeroTrust Platform protects from the inside out with unified visibility, micro-segmentation, zero-trust network access, cloud workload and endpoint protection.

Datacentrix

Datacentrix

Datacentrix provides end-to-end cybersecurity services for the operational technology (OT) and IT environments to monitor, assess and defend our customers' information assets.

LBMC

LBMC

LBMC is a professional services solutions provider in accounting and finance, human resources, technology, risk and information security, and wealth advisory services.

Toka Group

Toka Group

Toka empowers government agencies with critical and previously out-of-reach digital forensics, force protection and Intelligence capabilities, tackling the fields' most pressing challenges.

Cenobe Cyber Security

Cenobe Cyber Security

Cenobe provides customized solutions to keep you ahead of potential threats and ensure the security of your organization's systems and data.

Irys Technologies

Irys Technologies

Irys Technologies specialize in pioneering digital transformation solutions designed to streamline communications and enhance maintenance and operational efficiency for a variety of sectors.

Pvotal Technologies

Pvotal Technologies

Pvotal Technologies engineer complex, automated processes aligned with best AIOps, BizDevOps, DevSecOps, CloudOps, and ITOps practices.

Cynclair

Cynclair

Cybersecurity is a complex beast. And we're the beast-tamers. Our team thrives on deciphering the latest threats, building cutting-edge defenses, and making your digital world much safer.