German Intelligence Accuses Russia of Mounting Series of International Cyber-Attacks

President of the BfV Hans-Georg Maassen, July 17, 2012From AFP:  Germany’s domestic secret service has accused Russia of a series of international cyber-attacks aimed at spying and sabotage, in “hybrid warfare” that also targeted the German parliament last year.

The operations cited by the BfV intelligence agency ranged from an aggressive attack called Sofacy or APT 28 that hit Nato members and knocked French TV station TV5Monde off air, to a hacking campaign called Sandworm that brought down part of Ukraine’s power grid last year.

“Cyberspace is a place for hybrid warfare. It opens a new space of operations for espionage and sabotage,” said Hans-Georg Maaßen, who heads the BfV agency.

“The campaigns being monitored by the BfV are generally about obtaining information, that is spying,” he said. “However, Russian secret services have also shown a readiness to carry out sabotage….”

The BfV said the “cyber-attacks carried out by Russian secret services are part of multi-year international operations that are aimed at obtaining strategic information. Some of these operations can be traced back as far as seven to 11 years….”

BfV said Sandworm targeted not just government posts, but “was also aimed at telecommunications companies, energy providers as well as higher education facilities.”

From Deutsche Welle:  Germany’s lower house of parliament was attacked last year by a phishing tool named Sofacy, which is used by a Russian-based group called Pawn Storm. The hackers apparently wanted to steal personal and corporate data from the Christian Democratic Union (CDU), and high-profile individuals, according to Trend Micro, a security research firm.

The CDU is Germany’s leading political party, which is headed by Chancellor Angela Merkel. The attack also reportedly affected a computer in Merkel’s legislative office. The attack appears to have been an attempt to get Germany to abandon its support for Ukraine….

Pawn Storm is dedicated to going after the Kremlin’s real or imagined enemies, including the US government and its military, as well as NATO and governments in eastern Europe and Turkey, according to multiple cybersecurity experts.

“Pawn Storm clearly targets groups that could be perceived as a risk to Russian politics and interests,” according to Trend Micro.

The cyberwarriors also hit France’s TV5 Monde television channel in April 2015, forcing it off the air and placing jihadist propaganda messages on the station’s website and social media accounts.

From Noah Barkin and Sabine Siebold, Reuters:  “The BfV has indications that it is being steered by the Russian state and has been monitoring it for years,” the agency said in a statement….

Hans-Georg Maassen, president of the BfV, said that government, corporate and educational facilities in Germany were under “permanent threat“, with critical infrastructure in areas like energy and telecommunications in particular focus….

The attack on the Bundestag lower house, first reported in May of last year, caused severe damage, forcing authorities to shut down the computer system for days in order to repair the network.

Cybersecurity Germany NATO Russia Security & Defense

Image: President of the BfV Hans-Georg Maassen, July 17, 2012 (photo: Sandy Thieme/German Interior Ministry)