Bundestag hack origin still a mystery as DE.gov techies pull out their hair
Extended metadata retention? If only it stops one ... etc etc
Two weeks on from the revelations of a serious cyber attack on the German Bundestag, insiders have told The Register that the tech department is “clueless” about what is going on.
On Friday it emerged that data had almost certainly been stolen.
As yet techies inside the Bundestag don’t know who is behind the attack – or even when it started.
The Trojan malware which penetrated the entire Bundestag network, including MPs' computers, could have been sitting on computers for months or even years. Sources say that the attack is a sophisticated one and not likely to be the work of “hobbyists”.
The implication is clear: MPs silently fear a national government is behind the breach. China, North Korea, the UK and the US all maintain significant “in-house” hacking capabilities.
Although staff at the Bundestag have been reassured that “countermeasures have been taken”, there is no indication when service as normal will resume. So severe is the problem that there have been whisperings of closing for the summer recess a month early.
Meanwhile, the president of the Bundestag, Norbert Lammert, informed staff that the powers that be have agreed to extend retention periods for log data of all staff. Some MPs are concerned about this and are worried that metadata retention of all websites they visit will become a permanent state of affairs.
Accessing the internet from the Bundestag is still “slow as hell” and the IT service says this is “due to security”, el Reg was told by a frustrated user.
In January, the Bundestag and German Chancellery were paralysed for several hours due to a coordinated cyber attack. At the time, a pro-Russian hacker group in Ukraine claimed responsibility. As German MPs get increasingly jittery, no such claims have been made this time. ®