- Germany accuses Russia of sponsoring cyberattacks against political entities
- APT28, linked to Russian military intelligence, targets German and Czech institutions
- European Union and NATO condemn cyber campaigns attributed to Russia
Germany has issued a warning that “state-sponsored” Russian hackers were responsible for an “intolerable” intrusion against Social Democratic Party (SPD) members, threatening repercussions.
Foreign Minister Annalena Baerbock announced on Friday that a federal German investigation into the perpetrators of the 2023 cyberattack against the SPD, a major coalition partner, had reached its conclusion.
A definite conclusion can be drawn today that this cyberattack has been orchestrated by the APT28 group, which is under the direction of the Russian military intelligence service,” she stated at a news conference in Adelaide, Australia.
“In other words, the cyberattack on Germany was sponsored by the Russian government; this is into no way acceptable or tolerable, and it will have repercussions.”
Pawn Storm, also referred to as APT28 or Fancy Bear, has been implicated in dozens of intrusions across the globe.
Last year, the attack on the SPD of German Chancellor Olaf Scholz was publicly disclosed and attributed to a previously unidentified Microsoft Outlook vulnerability.
The Federal Ministry of the Interior of Germany reported that the attacks targeted German corporations, including those in the defense, aerospace, and information technology industries, in addition to targets associated with Russia’s conflict in Ukraine.
The campaign, according to German Interior Minister Nancy Faeser, was initiated in 2022 and was coordinated by the Russian military intelligence service GRU.
A spokesperson for the German Federal Foreign Office confirmed on Friday that the Russian embassy in Berlin has called upon its interim charge d’affaires.
The spokesperson stated that the cyberattack demonstrated “that the Russian threat to peace and security in Europe is real and enormous.”
Russia has refuted previous accusations of involvement in cyberattacks made by Western governments. Its embassy in Germany issued the following statement on Friday: “The allegations that Russian state structures were involved in the incident in question were categorically rejected as unfounded and baseless.”
The Ministry of Foreign Affairs of the Czech Republic announced on Friday that, beginning in 2023, APT28 also targeted the nation’s institutions by exploiting a Microsoft Outlook vulnerability.
“In addition to posing a threat to national security, cyberattacks that specifically target political entities, state institutions, and critical infrastructure disrupt the democratic processes that form the foundation of our free society,” the ministry stated. No information was provided regarding the targets.
The European Union condemned the “malicious cyber campaign conducted against Germany and the Czech Republic by the Advanced Persistent Threat Actor 28 (APT28), which is under the control of Russia.”
“Other national governmental entities, critical infrastructure operators” were the targets of APT28, according to NATO, which included Lithuania, Poland, Slovakia, and Sweden.
The North Atlantic Council, NATO’s political decision-making body, stated, “We are determined to employ the necessary capabilities to deter, defend against, and counter the entire spectrum of cyberthreats in support of one another, including by considering coordinated responses.”
“Concrete signs” originating from Russia
A German media outlet reported last year that CERT-EU, the European Union’s computer security response unit, had identified an SPD executive as the target of a cyberattack in January 2023, which “could potentially lead to data exposure.”
“Take a step towards financial freedom – claim your free Webull shares now!”
It claimed “concrete indications” that the object was indeed of Russian origin.
Baerbock spoke after a meeting with Penny Wong, the Foreign Minister of Australia. Wong stated, “Australia, along with the United States, United Kingdom, Canada, and New Zealand, has previously ascribed malicious cyberactivity to APT28.”
The accusation that Russian hackers are conducting espionage on Germany is not unprecedented.
Then-Chancellor Angela Merkel announced in 2020 that Germany had discovered “hard evidence” that she had been targeted by Russian cyberattacks.
A notable occurrence to date ascribed to Russian hackers was a cyber assault in 2015 that rendered the computer network of the Bundestag, the lower house of parliament in Germany, paralyzed. As a result, the Bundestag was compelled to remain offline for several days during the necessary repairs.