World News

Germany blocked Russian hacking attacks in 2016

BERLIN (Reuters) - Germany last year warded off two cyber attacks by APT28, a top official said Friday, referring to a Russian hacking group also dubbed “Fancy Bear” that experts say successfully targeted Hillary Clinton’s U.S. election campaign.

The first, in May 2016, was an attempt to create an Internet domain for Chancellor Angela Merkel’s Christian Democratic Union (CDU) party in the Baltic region, said Arne Schoenbohm, president of the Federal Office for Information Security (BSI).

The second attack, several months later, involved a spear-phishing scheme directed against German parties in the lower house of parliament, the Bundestag. Experts said that attack used a NATO domain name to try to inject malicious software into the networks of politicians.

The hacking of the Democratic National Committee in the United States and the leaking of confidential emails was part of what U.S. intelligence agencies concluded was a campaign ordered by President Vladimir Putin to influence the U.S. election in favor of Donald Trump.

The U.S. agencies warned in January that Russia was likely to target other countries in the same way - a concern for European governments in a year when France and Germany are holding major elections, with Merkel seeking a fourth term.

“Germany remains in danger in the cyber arena since we are highly digitized,” Schoenbohm told Reuters in an interview. “The more we digitize, the more dependent we become on networks, the greater the risk of attack.”

He said his agency was doing all it could to strengthen Germany’s defenses against such attacks by monitoring government networks and educating politicians and parties about how to protect their networks.

“We give them advice and help them with certain measures. But in the end, what each party does is its own responsibility,” Schoenbohm said.

Germany was working closely with authorities in the United States, France and elsewhere to compare notes about cyber attacks they had experienced.


APT28/Fancy Bear is the same Russian hacking group that officials say stole 16 gigabytes of data from the German parliament in 2015.

It also targeted the Organization for Security and Cooperation in Europe (OSCE) in December, according to U.S. and European security officials, and was responsible for leaking the medical records of top international athletes after Russia’s track and field team was banned from last year’s Olympics for doping.

In December, Germany’s BfV domestic intelligence agency reported a striking increase in Russian propaganda and disinformation campaigns it said were aimed at destabilizing German society, as well as cyber attacks targeted against political parties. It gave no details at the time.

Schoenbohm said neither of the 2016 attacks targeting Germany - or a string of others he did not detail - was successful, but it was unclear to what extent political parties might have experienced security breaches.

BSI experts will host a workshop next week for politicians in the state of North Rhine-Westphalia ahead of May 12 elections there, and a similar one for Bundestag members in Berlin.

Schoenbohm welcomed work by Merkel’s coalition on a law that would bolster security for a growing number of household appliances that linked to the Internet and therefore vulnerable to attack.

He said the law could include a BSI “seal of approval” to help consumers identify which gadgets were secure.

“The worst thing that could happen” would be that consumers withdrew from the so-called ‘Internet of Things’ for fear of being hacked, he said. “We want to have a successful digitization.”

Reporting by Andrea Shalal; Editing by Mark Trevelyan