Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Germany Accuses Russia of Hybrid Warfare

Russia has been accused of waging its own brand of cyber hybrid warfare against Germany, with specific focus on next year’s elections. In particular, the APT28 (Fancy Bear) hacking group — thought to be linked to the Russian government — is accused of spreading propaganda and disinformation under the guise of ‘hacktivists’.

Russia has been accused of waging its own brand of cyber hybrid warfare against Germany, with specific focus on next year’s elections. In particular, the APT28 (Fancy Bear) hacking group — thought to be linked to the Russian government — is accused of spreading propaganda and disinformation under the guise of ‘hacktivists’.

The recent attack on Deutsche Telekom routers is thought by some experts to have emanated from Russia, but there is no proof. Last year’s attack against the German parliament, and attacks against German politicians in August, are also blamed on Russia. Speaking earlier this week, Chancellor Angela Merkel commented, “Such cyber-attacks, or hybrid conflicts as they are known in Russian doctrine, are now part of daily life and we must learn to cope with them.”

Now both the heads of the German foreign intelligence agency (BND), Bruno Kahl, and the domestic intelligence agency (BfV), Hans-Georg Maassen, have warned about increasing Russian cyber activity in Germany. 

Last week Kahl told the Süddeutsche Zeitung, “There are findings that cyber-attacks take place which have no other meaning than to create political uncertainty. There is a kind of pressure on public discourse and on democracy, which is unacceptable.” He added that there are indications of Russian involvement. “Attribution to a state actor is technically difficult, but there is some evidence that it is at least tolerated or desired by the state.”

Yesterday, however, a statement issued by the BfV was more forthright. “Since the start of the Ukraine crisis,” it started, “we have seen a significant increase in Russian propaganda and disinformation campaigns in Germany.” It warns of a broad spectrum of instruments and “an enormous use of financial resources on Russia’s part” designed to strengthen extremist groups in order to shape political discourse in Germany.

The statement names APT28 as using a campaign that is often executed as ‘false flags’. “This approach represents a previously unseen methodology in campaigns that are controlled by Russia.” Note however, that many experts believe that the attack against French television company TV5  was also a ‘false flag’: in reality APT28 pretending to be ISIS.

The statement goes on to say, “Spear-phishing against political parties and parliamentary groups have increased dramatically. They are attributed to the APT28 campaign, which was also responsible for the DNC hack. APT28 successfully exfiltrated data from the German Bundestag in 2015.”

Maassen describes the method and motivation behind the APT28 campaign. “Propaganda, disinformation, cyber-attacks, cyber espionage and cyber sabotage are part of hybrid threats against western democracies.” He points to social networks as the new way for people to share and consume information, adding that it provides the perfect entry point for disinformation and campaigns designed to reshape public opinion.

He also warns of an “increase in cyber espionage within the political arena”. Government officials, members of the Bundestag, and party workers all face a potential threat. “Stolen information could be used in the election campaign to discredit German politicians.”

The political theory is that Russia will benefit from a weakened European Union — already wounded by Brexit. By playing to European concerns over uncontrolled immigration and refugee support, and by fostering nationalism within individual member states — in this instance Germany — Russia will be able to weaken the existing European sanctions.

Russia denies involvement in hacking.

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Expert Insights

Related Content

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Cyberwarfare

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cybercrime

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...