Stay informed with free updates
Simply sign up to the German politics myFT Digest — delivered directly to your inbox.
The German government has vowed “consequences” for Russia after intelligence agencies concluded the Kremlin was behind a cyber attack on the party of Chancellor Olaf Scholz.
The attack, which occurred in January 2023, was carried out by the same Russian hacker group that penetrated the US Democratic party’s servers and leaked damaging information about Hillary Clinton in her 2016 bid for the presidency, German security officials concluded.
“We can now clearly attribute this attack from last year to the APT28 group, which is controlled by the Russian secret service GRU,” said foreign minister Annalena Baerbock on Friday.
“This is completely unacceptable and will not go without consequences,” she said.
The foreign office said a range of punitive measures against Russia were being considered, including EU sanctions and more diplomatic expulsions.
“We and our partners will not tolerate these cyber attacks and will use the entire spectrum of measures to prevent, deter and respond to Russia’s aggressive behaviour in cyber space,” it said.
The acting Russian ambassador was summoned to the foreign ministry in Berlin on Friday to receive a formal complaint.
The Czech Republic on Friday said its state institutions had also been targeted by APT28 last year.
“Such activities are in violation of the UN norms of responsible state behaviour in cyber space and other international commitments,” the Czech foreign ministry said.
Similar attacks have also occurred in Poland, Lithuania, Slovakia and Sweden in recent years, according to the EU’s diplomatic service.
Nato allies on Friday said they were considering “co-ordinated responses” in retaliation for the attacks.
“We are determined to employ the necessary capabilities in order to deter, defend against and counter the full spectrum of cyber threats to support each other,” said the North Atlantic Council, the alliance’s top decision-making body of ambassadors from its 32 member states.
In Germany, the hackers targeted the email accounts of the Social Democratic party’s executive committee members, as well as other officials. German defence, energy and logistics companies were also targeted by the same hacking group, using the same attack methodology, the government said.
The hack exploited a “zero-day” vulnerability in Microsoft software that the SPD was using — a hidden loophole in the code that was only known to the hackers themselves. After the attack, the loophole was identified and Microsoft pushed out a global software update.
The SPD in June said significant amounts of sensitive party data may have been exfiltrated, including information from its leadership’s email accounts.
The GRU, which also successfully hacked the computer systems of Germany’s parliament in 2015, has emerged as one of the Kremlin’s most aggressive actors in cyber space.
The agency — Russia’s military intelligence service — typically seeks to gain immediate advantage with information it gains from political sources, leaking to embarrass or manipulate adversaries, or on occasion blackmail them.
Officials in Berlin have warned Russia is waging an increasingly sophisticated and aggressive information war against Germany, and seeks to destabilise the government, and faith in mainstream political parties, through its campaigns.
In March, conversations between senior German military figures over the delivery of powerful missiles to Ukraine were leaked by Russian propagandists, miring Scholz in weeks of political controversy at home.
The same month Russian hackers attempted to gain access to accounts of officials at Germany’s main opposition party, the Christian Democratic Union.
The cyber security firm Mandiant identified an attack against the party using fake invites to a dinner. The company said Russia’s foreign intelligence agency was likely to have been responsible for that attack.
Read the full article here
