German politicians say action must follow a hack that paralyzed some 900,000 internet connections. Berlin stopped short of blaming Russia, but fears are growing Moscow could try to influence the 2017 German election.
Internet service has still not returned to normal for all of the hundreds of thousands of Germans affected by the hack, but a lively and agitated discussion is underway about what should be done to prevent future disturbances - and who might be responsible for the attack.
German provider Deutsche Telekom believes the disruption was part of a failed attempt to turn a large number of routers into part of a so-called botnet and sees a connection with other recent hacks around the world. Germany's political leadership is very unhappy about the possibility that Russia might have been involved, but isn't quite ready to point the finger directly at Moscow.
"I don't have any concrete information about the origin of the attacks on the Telekom network," Chancellor Angela Merkel said on Tuesday in Berlin. "Let me just say that such cyberattacks, or 'hybrid attacks' as they're known in Russian doctrine, are part of everyday life today, and we need to learn to deal with them."
Germany's Interior Minister Thomas de Mazière also treaded a fine line between alluding to Russia and explicitly blaming the Russian state.
"It's possible that we can't clearly distinguish between criminal activities launched from a certain country and state activities," Maizière said at a conference of federal state interior ministers in Saarbrücken, when asked if he thought Russia was behind the hack of the routers.
Diplomatic tightrope walking notwithstanding, however, worries continue to grow in Germany about cyberattacks carried out, sponsored or at least tolerated by Moscow.
In an interview with the Süddeutsche Zeitung newspaper, Bruno Kahl - the new president of German intelligence service, the BND - complained about hackers trying to "delegitimize the democratic process as such" and said he had "indications" that the hacks "came from certain quarters," namely Russia. And the Telekom hack is by no means the only attack of its kind in Germany.
Routers as weaknesses and weapons
Over the past two years, the German parliament, the Bundestag, and the conservative CDU were both targets of cyberattacks that may have been aimed at such delegitimizing. Members of Germany's two largest parties are calling for more to be done quickly. But, what precisely and against whom?
"We have indications that hacker groups from Russia are active in this area, but we also know what foreign intelligence services are capable of," Social Democratic Bundestag deputy Lars Klingbeil told Deutsche Welle. "For me this shows that we really need to protect ourselves structurally. Looking ahead to the national elections next year, this could become a major issue."
The most recent hack tried to exploit parts within Telekom customers' routers that were cheaply produced in Asia. The head of the Federal Office for IT Security Arne Schönbohm has called for a European-wide seal of approval for routers. And conservatives say that companies need to be held more accountable for the risks presented by their products and services.
"The attack on Telekom exposes a weakness we've talked about for some time; namely, whether the desire for ever cheaper products can guarantee secure quality," Thomas Jarzombek, conservative member of parliament and digital media expert told DW. "We're very worried by this. Someone who controls 900,000 routers can easily use them to attack state targets."
It is widely suspected that Russia was involved in the hacking and leaking of Democratic National Committee emails in the run-up to the US presidential election this year. Berlin would like to minimize the role played by cyberattacks in Germany's national elections next year. But how much effective action can politicians take?
Company and consumer vigilence
Klaus Landefeld, chairman for infrastructure and networks at the Association of the Internet Economy (eco), is skeptical about ideas like the proposed seal of approval.
"The forms of attack are diverse that you have to ask what good such a seal does and how secure is it," Landefeld told DW. "I'd have major doubts that it really made me safer. It might make me feel that if I had a router with a seal, I'd be absolutely secure, but that certainly won't be achieved."
Landefeld says that one of the major problems is that the public at large uses IT technology without sufficient awareness of the risks involved. That's one reason, he says, that there are limits to what politicians can do to minimize the threat of cyberattacks in the short term.
"The Internet Security Law of last May is a start because it raises awareness of the problem, but the government has focused on attacks with clear goals, which is not what we're seeing here," Landefeld said.
Instead, Landefeld thinks the initiative may and should largely come from the private sector and individual Internet users.
"Companies have to do more to ensure that security updates are actually put into practice," Landefeld said. "It can't be that they fail to get their users to plug holes that have been known for months. Those sorts of measures are actually far more important."
In other words, ordinary Germans are going to have to be more assiduous about IT security, if they want their election to proceed without interventions from hacking groups - with or without Russian support.