1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

Russian hacking suspected

September 20, 2016

Germany's BSI data security agency has warned German political parties to guard against cyber hackers, according to a German media consortium. At a briefing they were told that Russian groups were suspected.

Image: picture-alliance/dpa/R. Hirschberger

The three-way consortium comprising NDR and WDR public broadcasting and the "Süddeutsche Zeitung" newspaper said Germany's political parties and their federal Bundestag parliamentary factions were recently briefed by the BSI.

Arne Schönborn, the president of the Bonn-based Federal Office for Information Security - as the BSI is known in English - told the journalist team: "There are indications that point to the APT28."

Deutschland Düsseldorf Arne Schönbohm
The BSI's Schönborn urges Germany to ward off hackersImage: picture-alliance/dpa/F. gambarini

The Advanced Persistent Threat or APT28, which is also known as the Sofacy Group, is the name given by western agencies, including Germany's BfV domestic intelligence agency, to an alleged cyber attack network close to Russia's secret services, GRU and FSB.

Schönborn said he had offered BSI help to the German parties so they could avoid future cyber attacks in the run-up to Germany's next federal election due in September 2017.

Since last year, campaigns by ATP have allegedly targeted NATO and knocked the French television station TV5Monde off the air.

A second group called "Sandworm" allegedly deployed electronic malware last December to disable part of Ukraine's power grid.

Alarm after recent hacker bids

The German media consortium said German authorities were informed on September 7 that hacker attacks had been directed at federal parliamentarians of the center-left Social Democrats (SPD) and the post-communist Left part, including its parliamentary group leader Sahra Wagenknecht.

Magdeburg Parteitag Die Linke Sahra Wagenknecht Rede
The Left's Sahra Wagenknecht was allegedly a targetImage: picture-alliance/dpa/P. Endig

Also targeted were "Jungen Union," the youth wing of Chancellor Angela Merkel's conservative Christian Democratic (CDU) party and CDU politicians in Saarland on Germany's border with France.

In so-called phishing attacks on emails on August 15 and 24, hackers had used false identities suggesting that the messages were from NATO about the July coup attempt in Turkey and last month's earthquake in Italy's Umbria region.

The Bundestag federal parliament had managed to avoid that attack, the consortium said, because it had already blocked access to malware after a previous scare in May.

The consortium said the recent attacks were being taken "extremely seriously" because authorities feared that sensitive information could be gathered by hackers to later manipulate the public ahead of elections.

Russia 'very innovative'

Marcel H. Van Herpen, who heads the Cicero Foundation, a Dutch think tank which advises the EU, wrote late last month in the German parliamentary magazine "APUZ" that Russian "disinformation" had become "very innovative" under President Vladimir Putin, a former KGB agent once stationed in communist East Germany.

"That relates to the extremely lavish budget for the propaganda work of the Kremlin, the far-reaching modernization of the Russian propaganda machinery, the use of psychological know-how and the relative openness of the Western media world" to influence Western political decision-making, Van Herpen said.

The Dutch expert said a long-running subject at Russia's military academies was the Chinese method of "Sunzi" or "the art of warfare", developed in around 500 years BC, that used deception to erode resistance and defeat the enemy "without having to fight a battle."

He advised Western governments to significantly raise their budgets for "public diplomacy." These had been severely trimmed over the past 10 years while Russia had "constantly raised" its funding for its "propaganda machinery."

ipj/kl (AP, dpa, AFP, ARD)