Further Cyberattacks On German Government Networks

Cyber spies belonging to the Russian hacker group "APT28" are said to have attacked the federal government's sensitive data network. 

Kremlin spokesman Dmitry Peskov on Friday 2nd March dismissed a suggestion that Russian hackers were behind a cyber-attack in Germany, saying that Russia was now being blamed for any such attack, without any proof.

What we know

The security authorities first noticed the attack in mid-December. It is said to have begun no later than summer 2017, in the midst of the election campaign for the September Bundestag elections. It may well be that the attack started much earlier - the security services have not ruled out that it has been going on for a year.

According to information from German intelligence circles, the Russian hacker collective APT28 is behind the attack. Digital security experts also suspect that the Russian government is linked to the hacker group. However, it cannot be completely ruled out that other hackers or countries are also behind the attack; digital traces can also be easily falsified.

According to information from security circles, the foreign and defence ministries have been attacked.

The attack is still ongoing. On Thursday 1st March the Bundestag’s intelligence committee confirmed that the attack was still taking place. Armin Schuster, the head of the committee, said that “any public discussion of the attack’s details would be a warning to the attackers that we don’t want to give.”

The security services have allowed the attack to continue in order to gather information on the hackers, according to dpa security sources. But state officials insist it is under control.

The interior ministry's parliamentary state secretary, Ole Schroeder, told regional newspaper group RND that the attack was "under control" after "a very successful operation by the federal security authorities".

"We succeeded, through excellent cooperation, to isolate and bring under control a hacker attack on the federal network," he said, adding however that the security measures had "not yet been completed."

What we don’t know

The attackers are said to have searched for data on specific topics. Rather than steal vast quantities of data, the hackers reportedly chose their targets very carefully. Patrick Sensburg, an MP for the Christian Democrats, said on broadcaster ZDF that it was necessary to check whether any data had been leaked.

This isn’t the first time that APT28 has been accused of hacking German state computer systems. In 2015 the group allegedly hacked the Bundestag and stole a total of about 16 gigabytes of data, according to German intelligence services.

Some security experts have, however, said there is no definitive proof that APT28 was behind that attack, as the software the group uses is available online.

Further victims? It is unclear whether other institutions connected to the federal data network, such as security authorities, are also affected by the hacker attack. If the hackers penetrated deeper into the network, the consequences for security would be unforeseeable.

There are many different ways to carry out such an attack. For example, in the cyber-attack on the Bundestag, the Trojans that were ultimately used were assembled in the parliament's network from individual parts hidden in various mail attachments. But nothing has yet leaked out into the public domain on how this attack was carried out.

It is still unclear at this stage what the attack means for the government data network. After the Bundestag attack in 2015, the entire data network had to be redesigned in a time-consuming and costly operation.

The Local:        Reuters
