Russian Hackers Try To Attack German Governing Party.

Uploaded on 2016-05-18 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

Konrad-Adenauer-Haus, headquarters of the CDU, in Berlin

A group of hackers known to target critics of the Russian government has been trying since April to attack the computer systems of German Chancellor Angela Merkel's Christian Democratic Union party, a security research firm say. 

Researchers at Trend Micro said the hackers, called Pawn Storm, appear to be trying to steal personal and corporate data from the CDU and high-profile individuals using two free email services. A year ago, the research group linked Pawn Storm to hacking attacks on the Bundestag, the lower house of parliament.

In the latest attempts, the hackers apparently tried to coordinate credential-phishing attacks, using computer services based in Latvia and the Netherlands, to gain access to the systems of the CDU and other high-profile users, Trend Micro said in a blog post.

"Up until now no attacks have taken place," a source at the CDU headquarters in Berlin said. "We have nonetheless made appropriate changes to our IT infrastructure. We can't say anything on the reasons for this."

Pawn Storm has been active for more than a decade and is considered one of the longest-lasting cyber espionage groups.

Several major computer research groups say it has targeted opposition groups in Russia as well as NATO and governments in adjacent Eastern European countries, Turkey and the United States. The military, defense companies and media in those countries have also been attacked, Trend Micro said.

"Pawn Storm clearly targets groups that could be perceived as a risk to Russian politics and interests," Trend Micro said.
The cyber-attack on the German parliament was first reported in May 2015. German media have said replacing the computer system could cost the government millions of euros.

The news magazine Der Spiegel also quoted an internal investigation as saying there were indications that a Russian intelligence agency had staged the attack.
In January 2015, German government websites, including Merkel's website, were hacked in an attack claimed by a group demanding that Berlin end support for the Ukrainian government.

Reuters:

« Think You Know Your Customers? Try Authenticating Them
Anonymous Declares War On Global Banks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ACIS Professional Center

ACIS Professional Center

ACIS provides training and consulting services in the area of information technology, cybersecurity, IT Governance, IT Service management, information security and business continuity management.

Charlton Networks

Charlton Networks

Charlton Networks provide a complete range of IT infrastructure, network and security solutions aimed at SME companies.

MailGuard

MailGuard

MailGuard delivers a full suite of security solutions across email and web to protect your business before threats reach your environment.

Yokogawa Electric

Yokogawa Electric

Yokogawa is an electrical engineering company providing measurement, control, and information technologies including industrial cyber security.

Hornetsecurity

Hornetsecurity

Meet Hornetsecurity – Leading Cloud Email Security Provider. We protect global organizations so you can focus on what you do best.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Herbert Smith Freehills

Herbert Smith Freehills

Herbert Smith Freehills is a leading professional services including data protection and privacy.

Infodas

Infodas

Infodas provides Cybersecurity and IT consulting / system integration services as well as a range of innovative Cybersecurity products to public sector and commercial clients.

Cambridge Cybercrime Centre

Cambridge Cybercrime Centre

The Cambridge Cybercrime Centre is a multi-disciplinary initiative combining expertise from the Department of Computer Science and Technology, Institute of Criminology and Faculty of Law.

Upfort

Upfort

Upfort (formerly Paladin Cyber) unifies award-winning security and robust cyber insurance to deliver comprehensive cyber risk solutions.

PatrOwl

PatrOwl

Automate your SecOps with PatrOwl, and start defending your assets efficiently.

KeyData Associates

KeyData Associates

KeyData is a recognized leader in cybersecurity services specializing in Identity and Access Management (IAM), Customer Identity & Access Management (CIAM) and Privileged Access Management (PAM).

In-Q-Tel (IQT)

In-Q-Tel (IQT)

IQT is the non-profit strategic investor that accelerates the development and delivery of cutting-edge technologies to U.S. government agencies that keep our nation safe.

StrataCore

StrataCore

StrataCore is a single-source technology lifecycle advocate that works behind IT teams as a strategic partner to help them achieve peak enterprise outcomes.

VeriBOM

VeriBOM

VeriBOM is a SaaS security and compliance platform that helps protect you and your customers through automation, documentation, and transparency for every software application you build or run.

Jersey Cyber Security Centre (JCSC)

Jersey Cyber Security Centre (JCSC)

Jersey Cyber Security Centre is the jurisdiction's Cyber Emergency Response Team (CERT) and national technical authority for cyber security.