Germany's Intelligence Chief Accuses Russia of Cyber Warfare

Germany's domestic intelligence agency has accused Russia of engaging in ongoing cyberwarfare. The aim, he said, is to steal information and to carry out sabotage against its enemies - both real and imagined.

Recently Hans-Georg Maassen, the head of Germany's domestic intelligence agency (BfV), said that in the past year or so, Russia had launched attacks against the German parliament, NATO members and French TV.

"Cyberspace is a place for hybrid warfare," Maassen said. "It opens a new space of operations for espionage and sabotage.

"The campaigns being monitored by the BfV are generally about obtaining information, that is spying," he said. "However, Russian secret services have also shown a readiness to carry out sabotage."

Germany's lower house of parliament was attacked last year by a phishing tool named Sofacy, which is used by a Russian-based group called Pawn Storm. The hackers apparently wanted to steal personal and corporate data from the Christian Democratic Union (CDU), and high-profile individuals, according to Trend Micro, a security research firm. The CDU is Germany's leading political party, which is headed by Chancellor Angela Merkel. The attack also reportedly affected a computer in Merkel's legislative office. The attack appears to have been an attempt to get Germany to abandon its support for Ukraine.

Going After Russia's Enemies

Pawn Storm is believed to either have ties to the Russian government or be a part of it. These "cyberattacks carried out by Russian secret services are part of multi-year international operations that are aimed at obtaining strategic information," Maassen said. "Some of these operations can be traced back as far as seven to 11 years."

In the realm of sabotage, Sofacy is also believed to have brought down part of Ukraine's power grid last year. Pawn Storm is dedicated to going after the Kremlin's real or imagined enemies, including the US government and its military, as well as NATO and governments in eastern Europe and Turkey, according to multiple cybersecurity experts.

"Pawn Storm clearly targets groups that could be perceived as a risk to Russian politics and interests," according to Trend Micro. The cyber-warriors also hit France's TV5 Monde television channel in April 2015, forcing it off the air and placing jihadist propaganda messages on the station's website and social media accounts.

So far the CDU computers have not been breached, according to one official in Berlin, who spoke on condition of anonymity. But, he said, they aren't taking any chances. "We have nonetheless made appropriate changes to our IT infrastructure," he said. "We can't say anything on the reasons for this."

Ein News

« Hacking Pros Don’t Trust The Internet
Is The Boom In Ransomware Stabilizing? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

AV Test

AV Test

The AV-TEST Institute is a leading international and independent service provider in the fields of anti-virus research and IT security.

Linklaters LLP

Linklaters LLP

Linklaters is an international law firm. Practice areas include Information Management and Data Protection.

RPC

RPC

RPC is a business law firm. Practice areas include technology and cyber risk.

CyberDef

CyberDef

CyberDef is a consulting company specialising in cyber defence services for small and medium enterprises.

Software Engineering Institute (SEI)

Software Engineering Institute (SEI)

At the CERT Division of SEI we study and solve cybersecurity problems, research security vulnerabilities in software, and develop information and training to help improve cybersecurity.

HYAS Infosec

HYAS Infosec

HYAS is a highly skilled information security firm developing the next generation of information security technology.

Jumio

Jumio

Jumio’s end-to-end identity verification and authentication solutions fight fraud, maintain compliance and onboard good customers faster.

Xperien

Xperien

Xperien is a leading South African Information Technology Asset Disposition (ITAD) company.

Taoglas

Taoglas

Taoglas Next Gen IoT Edge software provides a pay as you go platform for customers to connect, manage and maintain their edge devices in an efficient and secure way.

SIS Certifications (SIS CERT)

SIS Certifications (SIS CERT)

SIS Certifications is an ISO certification body serving more than 10,000 clients in over 15 countries worldwide.

Tesserent

Tesserent

Tesserent (formerly Pure Security) is a full-service cybersecurity solutions provider. We partner with clients across Australia and New Zealand in the protection of their digital assets.

Vala Secure

Vala Secure

Vala Secure is a cybersecurity and compliance consultancy that always stays ahead of regulations, future threats and ever-changing security environments.

NetWitness

NetWitness

NetWitness empowers security teams to rapidly detect today’s targeted and sophisticated attacks with unparalleled visibility.

MetaWeb Ventures

MetaWeb Ventures

MetaWeb Ventures is a global venture capital firm focused on pre-seed and seed investments in crypto start-ups.

CloudDefense.AI

CloudDefense.AI

CloudDefense.AI is an industry-leading multi-layered Cloud Native Application and Protection Platform (CNAPP) that safeguards your cloud infrastructure and cloud-native apps,

Ark Technology Consultants

Ark Technology Consultants

Ark Technology Consultants is a unique IT Services Firm which blends technology solutions with consultative insight around governance and process management.