Russia Accused Of Cyberattack On Germany’s Ruling Party, Defence Firms

Germany has hit out at Russia, and accused it of carrying out a cyberattack against a number of national targets.

The Associated Press reported Germany’s Foreign Minister Annalena Baerbock on Friday said Russia will face consequences, after she accused its military intelligence service of masterminding an “absolutely intolerable” cyberattack.

Relations between Russia and Germany are already at an all time low, after Berlin hardened its previous softly-softly approach to Moscow, and began providing military support to Ukraine to aid in its fight against Russia’s illegal invasion of that sovereign nation.

Russian attack

Russian state hackers were reportedly behind a cyberattack last year that targeted the Social Democrats, the leading party in the governing coalition.

The German Interior Ministry also added that German companies, including in the defence and aerospace sectors, as well as targets related to Russia’s war in Ukraine, were a focus of the nation-state attack.

“Russian state hackers attacked Germany in cyberspace,” Baerbock said at a news conference in the Australian city of Adelaide. “We can attribute this attack to the group called APT28, which is steered by the military intelligence service of Russia.”

“This is absolutely intolerable and unacceptable and will have consequences,” she was quoted by AP as saying.

Fancy bear

APT28 is associated with the Russian military intelligence service (GRU), and is also known as Fancy Bear or Pawn Storm.

The group made a name for itself by hacking the Democratic National Convention (DNC) and releasing sensitive documents including internal emails ahead of the 2016 US presidential election. It has gone on to attack many other high profile targets.

According to the Associated Press, the Council of the EU and the Czech Foreign Ministry said that Czechia’s institutions have also been a target of a cyber campaign by the same group.

The ministry said APT28 exploited a previously unknown vulnerability in Microsoft Outlook from 2023.

“Cyberattacks targeting political entities, state institutions and critical infrastructure are not only a threat to national security, but also disrupt the democratic processes on which our free society is based,” the ministry was quoted as saying.

No details about the targets of these attacks were given.

EU, NATO support

In a statement by the EU’s top diplomat, Josep Borrell, the bloc’s nations reportedly said they “strongly condemn the malicious cyber campaign conducted by the Russia-controlled Advanced Persistent Threat Actor 28 (APT28) against Germany and Czechia.”

The EU noted that it had previously imposed sanctions on individuals and entities responsible for APT28 attacks targeting the German parliament in 2015. It said it will not tolerate the continuation of such attacks, particularly with EU elections upcoming in June.

The April/May 2015 cyberattack against Germany’s parliament (Bundestag) impacted 20,000 computers used by politicians, support staff and civil servants on the Parlakom network, including former Chancellor Merkel’s own computer.

In April 2018 former German Foreign Minister Heiko Maas also blamed Russia for a cyberattack on the German Foreign Ministry.

NATO meanwhile reportedly said that APT28 targeted “other national governmental entities, critical infrastructure operators and other entities across the Alliance,” including in Lithuania, Poland, Slovakia and Sweden.

“We are determined to employ the necessary capabilities in order to deter, defend against and counter the full spectrum of cyberthreats to support each other, including by considering coordinated responses,” the North Atlantic Council, the principal political decision-making body within NATO, was quoted as saying.