German Politicians Suffer Mass Hacking

Uploaded on 2019-01-08 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

Just before Christmas the personal and private data, mobile phone numbers and financial information of German politicians including Angela Merkel and President Steinmeier was leaked via Twitter.

This attack included all parts of German politics and also journalists and well-known actors, comedians and artists. This attack seems not be for commercial or financial theft but for political destabilisation and was a focused attack that would have taken the hacker a number of months to achieve and so it certainly was a focused attack.

There are suggestions by Sven Herpig, a German cyber analyst, that because of some of the techniques used that Russia was probably the attacker as they reflected aspects to other Russian attacks, but there is no clear evidence of who is behind the attack which, must have been masterminded over a number of months in order to get such detail information. 

As no information from the far right party the AfD was exposed this suggests that this could have been a political attack rather than from another government, as Germany has four state elections in 2019 and elections at the EU Parliament. 

Now other governments are concerned that they also may have been similarly attacked. Twitter has taken down the account that showed links to the hacked data. However, the tweets are still on-line.

Justice Minister Katarina Barley said it was a "serious attack". "The people behind this want to damage confidence in our democracy and institutions," she said. 

The Berlin government is not sure who or what organisation might have been involved in the attack and some suggest it might have been a lone attacker, although the sheer volume of the information released is shocking and some German politicians believe this about an attempt to destabilise Germany. 

The Interior Minister Seehofer has also said that the preliminary analysis of the attack suggests that the data had been obtained by, "wrongful use of log-in information for cloud services, email accounts or social networks".

News by CSI:

You Might Also Read:

Germany Detects New Russian Cyber-Attack:

 

« Hackers Demand Ransom For Stolen 911 Documents
Major US Newspapers Under Malware Attack »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CLUSIF

CLUSIF

Clusif is the reference association for digital security in France. Its mission is to promote the exchange of ideas and feedback through working groups, conferences and publications.

Telia Cygate

Telia Cygate

Cygate are specialists in information security, data networks, and data centre and cloud technologies.

BetterCloud

BetterCloud

BetterCloud puts IT in control of the modern workplace through user lifecycle management, data discovery, and IT and security automation purpose-built for SaaS.

GeoLang

GeoLang

GeoLang’s Ascema platform protects sensitive information at the content level by identifying, classifying and tracking data across the corporate infrastructure.

Applied Risk

Applied Risk

Applied Risk is an established leader in Industrial Control Systems security, focused on critical infrastructure security and combating security breaches that pose a significant threat.

Assertion

Assertion

Assertion secures your collaboration (UC/CC) systems from cyber risks. Enforcing the right set of controls and monitoring them continually brings down risk to acceptable levels.

spiderSilk

spiderSilk

spiderSilk is a Dubai-based cybersecurity firm, specializing in simulating the most advanced cyber offenses on your technology so you can build your best security defenses.

Blackpoint Cyber

Blackpoint Cyber

Blackpoint’s mission is to provide effective, affordable real-time threat detection and response to organizations of all sizes around the world.

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

Industrial Control System Information Sharing and Analysis Center (ICS-ISAC)

ICS-ISAC is a non-profit, public/private Knowledge Sharing Center established to help facilities develop situational awareness in support of local, national and international security.

eSec Forte Technologies

eSec Forte Technologies

eSec Forte Technologies is a CMMi Level 3 certified Global Consulting and IT Security Services company.

JupiterOne

JupiterOne

JupiterOne is the security product that is changing how organizations manage and secure their software defined assets.

Viria

Viria

Viria is an information and security technology solution provider that promotes digitalization in a secure way.

ControlMap

ControlMap

ControlMap is a software as a service platform with a mission to simplify and eliminate stress from everyday operations of modern IT compliance teams.

In Fidem

In Fidem

In Fidem specializes in information security management, with a bold approach that views cybersecurity as a springboard to organizational transformation rather than a barrier to innovation.

Concourse Labs

Concourse Labs

Concourse Labs Security Guardrails continuously verify cloud infrastructure and workloads. Continuously assess clouds for security, resiliency, and regulatory compliance.

Digital Silence

Digital Silence

Digital Silence is a world-class provider of information security research and consulting services.