The German government has officially proposed that the European Union impose sanctions on Russian individuals responsible for a large-scale hacking of the Bundestag five years ago, the German Press Agency reported Sunday.
If agreed, the plan, which was recommended by Berlin last month, would be the first use of an EU cyber sanctions regime adopted in 2017.
The details of the proposals were revealed in response to a parliamentary inquiry filed by Germany's socialist Left Party and reviewed by the news agency.
The German government believes Russian intelligence was behind a 2015 network hacking in which an estimated 16 gigabytes of data, documents, and emails were siphoned off from the Bundestag's IT network, including thousands of emails from Merkel's Bundestag office.
It was the largest cyber hacking ever carried out against the Bundestag.
German government defends proposal
In May, Germany's attorney general issued an arrest warrant against Russian citizen Dmitry Badin, who is "strongly suspected of being responsible" for the attack and who is a "member of the group APT28," the response to the inquiry said.
Germany also believes a hacker from the Russian military secret service GRU was involved.
On June 3, 2020, the government "substantiated sanction proposals within the EU framework by presenting a comprehensive package of evidence based on the results of German investigative authorities and on intelligence information as well as publicly available sources."
This information was sent to the other EU member states for consideration. A decision from the bloc is still pending.
The government response confirms that Germany followed through on threats made to Russian Ambassador Sergei Nechayev in May after the arrest warrant for Badin was issued.
Left says 'no evidence' of Russian government involvement
"It may be that Russian citizens are behind the 'Bundestag hack', but perhaps it's a false clue intended to throw off the scent. In any case, to this day there is no evidence of Russian government involvement in the hacking attack," said Andrej Hunko, spokesman for European policy for the Left Party's parliamentary group.
Hunko is opposed to the sanctions proposal.
Following an earlier investigation from Germany's Federal Prosecutor General, Chancellor Angela Merkel had made reference to "hard evidence" of Russian involvement in an "outrageous" operation.
In 2017, the European Council developed a framework for a joint EU diplomatic response to malicious cyber activities, known as the "EU Cyber Diplomacy Toolbox."
This framework is aimed "at individuals or groups, not states," the German government stressed in its response.
In terms of the 2015 attack on the Bundestag, the response said, "The federal government assumes that a danger continues to emanate from the originator."