THE GERMAN GOVERNMENT has confirmed that its foreign and defence ministries are among several departments targeted in a major cyber attack.
On Wednesday, officials confirmed that attackers had managed to penetrate government computer networks. However, they claimed that it was an “isolated attack” and said it had been quickly shut down – although speculation has been rife that the attackers had access for a year or more.
The response to the attack, once it was discovered, caused disruption to a range of German government agencies.
A spokesperson said: “The attack was isolated and brought under control within the federal government” after the Interior Ministry responded “with high priority and significant resources”.
According to the Ministry, the attackers were able to access data held by the Foreign and Defence Ministries, but it did not reveal their identity, nor were they clear about the kind of data that was accessed.
Officials also failed to explain when the attack actually took place, but reports suggest that it happened in December and implied that the attack is believed to have been launched by Russian hacking group APT28.
The attack came as Germany’s various political parties continued wrangling over the formation of a new government.
Talks have been ongoing since the election in September, with the largest party, the CDU led by Angela Merkel, looking to form a coalition with the second-placed SPD, whose vote fell sharply. The two parties normally face each in mutual opposition.
It is thought that security officials have been gearing up for this sort of attack for a while. Jens Zimmermann, a member of the German Bundestag representing the Social Democrats, said that Germany’s Digital Agenda committee would lead high-level talks on Thursday. “The federal government must inform parliament comprehensively,” wrote Zimmermann on Twitter.”
Myles Bray, vice president of EMEA at cybersecurity firm ForeScout, said that the attack clearly showed that governments need to ensure they have the right resources in place to identify and respond to attacks.
“The German government hack underscores the importance of having a strong security posture that starts with a foundation of visibility – knowing exactly what devices are connecting to your network – to protect against the sophistication of modern cyberattacks,” he said.
Bray added that businesses should take note from these incidents: “While details are still emerging, there is speculation that the bad actors had access to the network for more than a year before being discovered,” he said.
“Today’s news is another wake-up call. If the government of one of the most developed nations in the world cannot protect itself, business leaders need to review their own security measures to make sure it is up to the task.” µ
Save this article