Germany’s interior ministry has downplayed a cyberattack that reportedly resulted in sensitive information being stolen from a government computer network.
Ministry spokesman Johannes Dimroth told reporters Friday that authorities were monitoring the attack before it was revealed in the media this week, and that “acute danger was averted soon after it became known.”
The attack affected Germany’s Informationsverbund Berlin-Bonn (IVBB), a federal computer network used to exchange sensitive but not highly classified documents, Mr. Dimroth told reporters, according to Reuters.
The attack was first disclosed by German news outlets on Wednesday, prompting members of the German parliament’s intelligence oversight committee to convene a special session Thursday demanding details after having been left in the dark prior to recent media reporting.
“It is a real cyberattack on parts of the government system. It’s an ongoing process, an ongoing attack,” Armin Schuster, a member of Chancellor Angela Merkel’s conservative party and the committee’s chairman, told reporters after being briefed on the attack. “The spilling of secrets caused considerable damage, but the government, as of today, is trying to limit the damage.”
Authorities are investigating the leak, Mr. Dirmoth said Friday, and Germany’s chief federal prosecutor’s office said a preliminary probe is underway.
Mr. Dirmoth declined to comment on whether authorities have linked the attack to Russia, notwithstanding media reports linking the incident to suspected state-sponsored hackers.
German media reported earlier this week that security researchers believe the attack was waged by a hacking group known as “Snake” previously linked to Russian intelligence, drawing a reaction Friday from Kremlin spokesman Dmitry Peskov.
“We note with regret that any hacking attacks in the world are associated with Russian hackers but that each time they (the allegations) are made without any tangible proof,” Mr. Peskov said during a conference call with reporters Friday.
Like the U.S., Germany has blamed Russia before for instances of state-sponsored cyberattacks. The German Federal Office for Information Security previously said a 2015 attack against the Bundestag parliamentary network was likely waged by a hacking group known by names such as APT28, Fancy Bear and Sofacy. Security researchers have linked that group to Russian intelligence as well, including hacking campaigns waged against U.S. targets during the 2016 presidential election widely blamed on Russian operatives.
The IVBB hack was “a technically sophisticated attack that had been planned for some time,” Interior Minister Thomas de Maizière said Thursday.
If positively linked to Russia, the hacking will constitute “a form of warfare against Germany,” said Greens Party member Dieter Janacek, the head of the digital affairs committee, the Berliner Zeitung newspaper reported.
German authorities discovered the IVBB hack in December, but the attackers may have been active at that point for upwards of a year already, according to media reports.
A total of 17 computers are believed to have been affected, including at least one machine apparently belonging to an employee of the Federal Ministry of Defense, Germany’s NDR/WDR reported Friday. The attack was part of a global operation that also targeted computers Scandinavian, South American and Ukrainian computer systems, the report said.
Palo Alto Networks, a U.S. cybersecurity firm, warned earlier this week that Fancy Bear hackers have been actively foreign affairs agencies and ministries in North America and Europe.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.