Germany Wants to Destroy Foreign Servers Carrying Out Cyber Attacks

The head of Germany’s domestic intelligence agency accused Russian rivals of gathering large amounts of political data in cyber attacks and said it was up to the Kremlin to decide whether it wanted to put it to use ahead of Germany’s September elections….

Hans-Georg Maassen, president of the BfV agency, said “large amounts of data” were seized during a May 2015 cyber attack on the Bundestag, or lower house of parliament, which has previously been blamed on APT28, a Russian hacking group….

Germany’s top cyber official last week confirmed attacks on two foundations affiliated with Germany’s ruling coalition parties that were first identified by security firm Trend Micro.

“We recognize this as a campaign being directed from Russia. Our counterpart is trying to generate information that can be used for disinformation or for influencing operations,” he said. “Whether they do it or not is a political decision … that I assume will be made in the Kremlin.”

Maassen said it appeared that Moscow had acted in a similar manner in the United States, making a “political decision” to use information gathered through cyber attacks to try to influence the U.S. presidential election.

Berlin was studying what legal changes were needed to allow authorities to purge stolen data from third-party servers, and to potentially destroy servers used to carry out cyber attacks.

We believe it is necessary that we are in a position to be able to wipe out these servers if the providers and the owners of the servers are not ready to ensure that they are not used to carry out attacks,” Maassen said….

He said intelligence agencies knew which servers were used by various hacker groups, including APT10, APT28 and APT29.

Image: Germany's counter-intelligence chief Hans-Georg Maassen, July 17, 2012 (photo: Sandy Thieme/German Interior Ministry).