Cyber Attack On German Government

Uploaded on 2018-03-05 in NEWS-Cybersecurity News, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW

Cyber spies belonging to the Russian hacker group "APT28" are said to have attacked the federal government's sensitive data network. 

 Kremlin spokesman Dmitry Peskov on Friday 2nd March dismissed a suggestion that Russian hackers were behind a cyber-attack in Germany, saying that Russia was now being blamed for any such attack and without any proof. 

What we know

The security authorities first noticed the attack in mid-December. It is said to have begun no later than summer 2017, in the midst of the election campaign for the September Bundestag elections. It may well be that the attack started much earlier - the security services have not ruled out that it has been going on for a year.

According to information from German intelligence circles, the Russian hacker collective APT28 is behind the attack. Digital security experts also suspect that the Russian government is linked to the hacker group. However, it cannot be completely ruled out that other hackers or countries are also behind the attack, digital traces can also be easily falsified.

According to information from security circles, the foreign and defence ministries have been attacked.

The attack is still ongoing. On Thursday 1st March the Bundestag’s intelligence committee confirmed that the attack was still taking place. Armin Schuster, the head of the committee said that “any public discussion of the attack’s details would be a warning to the attackers that we don’t want to give.” The security services have allowed the attack to continue in order to gather information on the hackers, according to dpa security sources.

But state officials insist it is under control.

The interior ministry's parliamentary state secretary, Ole Schroeder, told regional newspaper group RND that the attack was "under control" after "a very successful operation by the federal security authorities".

"We succeeded, through excellent cooperation, to isolate and bring under control a hacker attack on the federal network," he said, adding however that the security measures had "not yet been completed."

What we don’t know

The attackers are said to have searched for data on specific topics. Rather than steal vast quantities of data, the hackers reportedly chose their targets very carefully. Patrick Sensburg, an MP for the Christian Democrats, said on broadcaster ZDF that it was necessary to check whether any data had been leaked. This isn’t the first time that the APT28 has been accused of hacking German state computer systems. In 2015 they allegedly hacked the Bundestag and stole a total of about 16 gigabytes of data, according to German intelligence services.

Some security experts have however said there is not definitive proof the ATP28 were behind that attack, as the software they use is available online.

Further victims? It is unclear whether other institutions connected to the federal data network, such as security authorities, are also affected by the hacker attack. If the hackers penetrated deeper into the network, the consequences for security would be unforeseeable.

There are many different ways to carry out such an attack. For example, in the cyber-attack on the Bundestag, the Trojans that were ultimately used were assembled in the parliament's network from individual parts hidden in various mail attachments. But nothing has yet leaked out into the public domain on how this attack was carried out.

It is still unclear at this stage what the attack means for the government data network. After the Bundestag attack in 2015, it was the case that in a time-consuming and costly action, the entire data network had to be redesigned.

The Local:         Reuters:

You Might Also Read: 

German Spies Warn Of Chinese Espionage:

Was The German Election Hacked?:

« UK Cyber Attacks Will ‘Get Worse’ Post-Brexit
High Performance Face Recognition »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

360Logica

360Logica

360Logica is a software testing company offering numerous kinds of testing services to improve the quality and performance of your software and IT systems.

Cyber Command

Cyber Command

Our Managed IT service allows clients to offload the management of day-to-day computer, server, and networking support to our team of professionals.

Comiq

Comiq

Comiq provide software quality assurance, testing and project management services. Areas of expertise include cybersecurity.

Grimm Cyber

Grimm Cyber

GRIMM makes the world a more secure place by increasing the cyber resiliency of our client’s systems, networks, and products.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Crashtest Security

Crashtest Security

Crashtest Security is a cyber security company that helps digital companies to continuously create secure software with the help of automated vulnerability assessments.

iProov

iProov

iProov delivers authentication and verification simply and securely, based on a genuine one-time biometric.

Cyber Command - Estonian Defence Forces

Cyber Command - Estonian Defence Forces

The main mission of the Cyber Command is to carry out operations in cyberspace in order to provide command support for Ministry of Defence’s area of responsibility.

Alias Robotics

Alias Robotics

Alias Robotics is a robot cyber security company. We deliver cyber security solutions for robots and robot components.

Informatics International

Informatics International

Informatics is a leading ICT provider in Sri Lanka, providing cutting-edge software & infrastructure solutions and services including cyber security.

Bastion Networks

Bastion Networks

Bastion are a security-focussed managed solution provider and consultancy. We work with advanced cyber security vendors to produce managed security solutions to protect from online threats.

Pistachio

Pistachio

Pistachio is the new evolution of cybersecurity awareness training and attack simulations.

Frenos

Frenos

The Frenos Platform helps enterprises understand their most probable attack paths while highlighting the most effective risk mitigations to deter and defend against today’s adversaries.

XY Cyber

XY Cyber

XY Cyber enable Generative AI for Cyber Operations. We simplify the complex world of cyber threats into actionable strategies, empowering your defense with AI-powered solutions.

Graphiant

Graphiant

Graphiant’s Data Assurance service gives businesses end-to-end control and visibility into how data travels throughout the entire business network.

PMSLTech

PMSLTech

Discover emerging trends and digital innovations to launch, grow, and scale your venture successfully.