Germany has confirmed that several government ministries’ networks were recently targeted by hackers but has refrained from naming the perpetrators so far.
Hackers had targeted a communications platform that is used by several government ministries as well as the chancellery, but it is unclear if they were able to steal any sensitive information from the platform.
The platform, which was targeted by hackers, is known as “Informationsverbund Berlin-Bonn” (IVBB) network and serves as a communication exchange platform for several government ministries, the parliament, the Federal Audit Office, the Chancellery, and other government departments in Germany.
In a press statement, Germany’s Interior Ministry said: “We can confirm that the Federal Office for Information Security (BSI) and intelligence services are investigating a cybersecurity incident concerning the federal government’s information technology and networks.”
According to DW, the IVBB network has an added layer of security and is separated from other public networks to stay under the radar. However, since it is used extensively by government departments and ministries, any data breach from its servers could seriously compromise Germany’s security and the security of information belonging to citizens.
An earlier report by German news agency DPA had revealed that prominent Russian hacker group ATP28, also known as Fancy Bear, had successfully injected malware into a government network. The malware reportedly stayed hidden for over a year before being discovered by officials.
Russian hackers like APT28, ATP10, and ATP29 have previously been accused of using remote servers to perpetrate cyber-attacks on political parties in Germany. The most significant of these cyber-attacks was one conducted on the Bundestag in May 2015 which resulted in the loss of large amounts of data. Angela Merkel’s Christian Democratic Union (CDU) was at the receiving end of most of these cyber-attacks.
“We recognize this as a campaign being directed from Russia. Our counterpart is trying to generate information that can be used for disinformation or for influencing operations. Whether they do it or not is a political decision … that I assume will be made in the Kremlin,” said Hans-Georg Maassen, president of the BfV agency which is entrusted with keeping Germany’s constitution secure.
Information stolen via such cyber-attacks were reportedly used by Russians to create fake news and propaganda to influence opinions of voters ahead of last year’s September elections, he added. One such example was the news about the rape of a 13-year Russian-German girl by migrants. Rumours were also spread about the father of former European Parliament President Martin Schulz running a Nazi concentration camp during the world war.