Germany Protests to Russia Over Pre-Election Cyberattacks

Germany has protested to Russia over attempts to steal data from lawmakers in what it suspects may have been preparation to spread disinformation before the upcoming German election, the Foreign Ministry in Berlin said Monday.

Foreign Ministry spokeswoman Andrea Sasse said that a hacker outfit called Ghostwriter has been “combining conventional cyberattacks with disinformation and influence operations,” and that activities targeting Germany have been observed “for some time.”

She said that, ahead of Germany’s parliamentary election on Sept. 26, there have been attempts – using phishing emails, among other things — to get hold of personal login details of federal and state lawmakers, with the aim of identity theft.

“These attacks could serve as preparations for influence operations such as disinformation campaigns connected with the parliamentary election,” she told reporters in Berlin.

“The German government has reliable information on the basis of which Ghostwriter activities can be attributed to cyber-actors of the Russian state and, specifically, Russia’s GRU military intelligence service,” Sasse said. It “views this unacceptable activity as a danger to the security of the Federal Republic of Germany and for the process of democratic decision-making, and as a severe strain on bilateral relations.”

She said Germany calls on the Russian government to end such activity immediately, and has made that demand directly to Russian officials — most recently during a meeting on Thursday and Friday of a German-Russian working group on security policy, at which German deputy foreign minister Miguel Berger raised the issue with Russia’s deputy foreign minister.

Sasse wouldn’t comment on the extent of the cyberattacks or possible damage, saying only that they “are of course completely unacceptable, and that the German government reserves the right to take further measures.”

In mid-July, the head of Germany’s domestic intelligence agency said that since February his agency had seen activity focusing on phishing attempts on the private email accounts of federal and state lawmakers and their staff. But he said that very few of those attempts were successful, and in cases where they were successful it appeared little damage had been caused.

Germany’s concerns about Russian interference have extended to the activities of state-funded broadcaster RT, whose online-only German-language service has for years emphasized divisive issues such as migration and the restrictions imposed because of the coronavirus pandemic.

Chancellor Angela Merkel recently denied during a visit to Moscow that her government had exerted political pressure to block the station’s request for a regular broadcast license, which was turned down last month by authorities in neighboring Luxembourg.

Russian Foreign Ministry spokeswoman Maria Zakharova on Monday accused Germany of trying to suppress the channel, claiming that “it says what the German media dare not say.”

In the Sept. 26 vote, Germany will elect a new parliament that will determine who succeeds Merkel. She is not seeking another term after nearly 16 years in charge. The outcome is wide open, with polls showing the main parties fairly close together.

Related: Russia-Linked ‘Ghostwriter’ Disinformation Campaign Tied to Cyberspy Group