Author: Not mentioned
Posted on: DW.com | February 28th, 2018
German security services have admitted they uncovered a Russian cyberattack on the Foreign and Defense ministries in December. Sources say the malware had been planted up to a year earlier.
The German government admitted on Wednesday that the Foreign and Defense ministries had been infiltrated by Russian hacking group APT28.
Citing anonymous sources, the German news agency dpa reported the group likely placed a piece of malware on a key government network. The malware could have remained the government’s networks for as long as a year, security officials said. How much data was intercepted in that time remains unclear.
Hacker reportedly infiltrated the government’s «Informationsverbund Berlin-Bonn» (IVBB) network, a specially designed communications platform that sits separate from other public networks for security purposes. It’s used exclusively by the Chancellery, federal ministries, the Federal Audit Office and several security institutions in Berlin and Bonn.
APT28, also known as Fancy Bear, has been linked to Russian military intelligence. The group was identified as the likely source of an attack on the German parliament in 2015, and on NATO and governments in eastern Europe.
The group’s 2015 attack on the Bundestag was so far-reaching that the German government was forced to replace its entire IT infrastrucutre. The government says it receives roughly 20 attempted hacking attacks per day, while German intelligence services also carry out penetration tests once per week.