Security

German government confirms hackers blitzkrieged its servers to steal data

Probably-Russian Fancy Bear team fingered for attack

By Iain Thomson in San Francisco

12 SHARE

The German Interior ministry has confirmed that it has identified a serious attack against its servers, amidst reports that the culprits were the Russian APT28 – aka Fancy Bear – hacking group.

On Wednesday local news site DPA International reported that the German government discovered a serious intrusion into its servers in December 2017. The attack is thought to have seen data exfiltrated for up to a year before its discovery.

Johannes Dimroth, a spokesman for the ministry, confirmed that "government information technology and networks," had been affected by an intrusion. "The incident is being treated as a high priority and with substantial resources," he said.

Fancy Bear has been active for at least a decade. Its activities have often non-Russian government targets. The group was fingered for the Democratic National Committee hack ahead of the 2017 US Presidential election, attacks during the 2017 French election, brazen rummaging in Finnish security forces' servers and even attacks on the sports doping authorities.

In December 2016 Germany's Federal Office for the Protection of the Constitution took the unusual step of issuing a public warning about hacking ahead of national elections in September 2017. That warning named Russia as the likely culprit.

Russia has always denied that it has anything to do with Fancy Bear, but the types of malware used, the software and coding styles, and its choice of targets suggest that Putin and his pals might have Fancy Bear dancing to their tune.

This latest attack on Germany will not serve to warm relations between these two historical enemies. With Russia looking to take an increasingly muscular role in European affairs, hopefully such conflicts will not leave the online realm. ®

Sign up to our NewsletterGet IT in your inbox daily

12 Comments

More from The Register

Ugh, of course Germany trounces Blighty for cyber security salaries

Britons never, never, never shall be wage slaves. Oh wait

Germany slaps ban on kids' smartwatches for being 'secret spyware'

Hands up, whose parents are listening in on this class?

Germany to roll out €100bn gigabit internet network

Preparing for the Internet of Things

Germany says NEIN to purchase incentive for Tesla Model S

Turns out you can't have all the subsidies after all, Musk

Tick-tick... boom: Germany gives social media giants 24 hours to tear down hate speech

Get used to hearing once again: 'We were only following orders'

Germany puts halt on European unitary patent

Constitutional Court slams brakes on UPC – but why?

Time's up: Grace period for Germany's internet hate speech law ends

Twitter, Facebook boot off far-right politician over racist tweet

Autsch! Germany slaps Facebook in its abusive little face for 'limitlessly amassing data'

Monopoly watchdog nicht glücklich about Zuck's info suck

Germany gives social networks 24 hours to delete criminal content

Schnell! Designated complaint handlers could cop €5m Euro fine, networks could wear €50m

We see you, ransomware flingers, testing out your baddest stuff on... Germany?

Securobods file data hostage report