Germany investigates cyber attack linked to Russian hackers

Politicians demand more details after authorities confirm breach of government network

Konstantin von Notz (left) and Armin Schuster of the German parliament’s control committee speak to journalists after emergency meetings on Thursday to discuss a cyber attack on the government’s computer network. Photograph: John MacDougall/AFP/Getty Images
Konstantin von Notz (left) and Armin Schuster of the German parliament’s control committee speak to journalists after emergency meetings on Thursday to discuss a cyber attack on the government’s computer network. Photograph: John MacDougall/AFP/Getty Images

German MPs held emergency meetings on Thursday to discuss a cyber attack on the government’s computer network that it was claimed could have been committed by a Russian hacking group.

The parliament’s control committee, which oversees the intelligence services, and the committee for digital affairs both held meetings with deputies of all parties demanding more details of the official investigation into the attack.

Authorities confirmed late on Wednesday that hackers had breached the government computer network. Media reports implicated Russian hacker group APT28, which was behind a cyber assault on the German parliament in 2015.

The DPA news agency said there were indications that the cyber attack had been going on for a year and ended only on Wednesday. It said authorities became aware of the hack in December and had in recent weeks been observing the attackers to find out what they were targeting and where they came from. A large volume of data had been siphoned off, the report added.

READ MORE

A spokesman for Germany’s interior ministry said the affected government agencies had taken measures to investigate the incident and protect data. “The attack was isolated and brought under control within the federal administration”, which manages government computer networks, a statement said.

MPs’ anger

A spokesman said authorities were addressing the incident “with high priority and significant resources”.

MPs expressed anger that they had not been informed earlier. "It is really scandalous that the government has known about this since December and I as one of the MPs technically responsible for such matters found out about it from the press," said Anke Domscheit-Berg, an MP who sits on the Bundestag's digital affairs committee.

Konstantin von Notz, the Green party’s spokesman on digital policy, echoed that point, saying it was “very unfortunate that the story reached the light of day before the control committees were informed”.

Western security experts have linked the APT28 hacker group, also known as Fancy Bear, to a Russian spy agency and have blamed it for an attack on the Democratic National Committee in the run-up to the 2016 US presidential election.

German authorities have also blamed it for the May 2015 hack of the Bundestag.

Benjamin Read, senior manager for cyber espionage analysis at FireEye, the cyber security group, said AP28 had targeted "multiple US and European government-related entities" during 2016 and 2017, including government, diplomatic and military organisations in Europe and during the US election.

He said the activity in Germany "would be consistent with the actor's well-established behaviour". – Copyright The Financial Times Limited 2018