Germany acknowledges cyberattacks on defense, foreign ministries

The German Interior Ministry confirmed on Wednesday that the country’s defense and foreign ministry databases were hacked, with information stolen.

German State Minister Ilse Agnier, L, Interior Minister Thomas de Maziere, C, and cybersecurity agency ZITiS chief Wilifred Karl, R, address a press conference in September 2017. On Wednesday the government acknowledged that its foreign and defense ministries were victims of cyberattacks. Photo courtesy of German Interior Ministry
German State Minister Ilse Agnier, L, Interior Minister Thomas de Maziere, C, and cybersecurity agency ZITiS chief Wilifred Karl, R, address a press conference in September 2017. On Wednesday the government acknowledged that its foreign and defense ministries were victims of cyberattacks. Photo courtesy of German Interior Ministry

The statement followed news from the Germany Press Agency, citing anonymous sources, that a Russian hacking group called APT28 successfully retrieved data from the Germany federal data network.

The cyberattack was first noticed by security officials in December and may have been in place for a year. It is unclear how much government data was stolen.

“We can confirm that the Federal Office for Information Security and intelligence services are investigating a cybersecurity incident concerning the federal government’s information technology and networks,” an Interior Ministry spokesman said on Wednesday. He added that the targeted ministries have investigated the cyberattack and added additional measures to protect data.

The hackers invaded the government’s “Informationsverbund Berlin-Bonn” network, a proprietary platform exclusively used by the Germany’s Chancellery — the government’s executive branch — as well as parliament, the Federal Audit Office and several security agencies in Berlin and Bonn, the German news outlet Deutsche Welle reported.

APT28, also known as Fancy Bear, has been linked to Russian intelligence and was identified as most likely to have conducted a 2015 cyberattack on the German parliament, as well as on NATO and several Eastern European governments. The attack on parliament prompted the German government to replace its entire information technology infrastructure.

By Ed Adamczyk