Germany accuses Russia of cyber attack

Germany’s top diplomat yesterday said Russia will face consequences after accusing its military intelligence service of the “absolutely intolerable” hacking of domestic targets, including the governing coalition’s leading party.

Nato and European Union member countries said they won’t let Russia’s “malicious” cyberspace behaviour go unanswered.

Relations between Russia and Germany were already tense, with Germany providing military support to Ukraine in its ongoing war with Russia.

German foreign minister Annalena Baerbock said Russian state hackers were behind the hacking of emails of the Social Democrats, the leading party in the governing coalition.

Officials said they did so by exploiting Microsoft Outlook.

The German Interior Ministry said in a statement that the hacking campaign began at least as early as March 2022 – a month after Russia’s full-scale invasion of Ukraine – with emails at Social Democrat party headquarters accessed beginning that December.

It said German companies, including in the defence and aerospace sectors, as well as targets related to the war were also a focus. The statement said international efforts led by the FBI shut down in late January a botnet of compromised network devices used by the Russian hackers – known as APT28 or Fancy Bear – in the cyberespionage scheme.

“Russian state hackers attacked Germany in cyberspace,” Ms Baerbock said at a news conference in the Australian city of Adelaide.

She attributed the hack to a unit of Russia’s GRU military intelligence unit.

“This is absolutely intolerable and unacceptable and will have consequences,” she said.

The Council of the EU and the Czech Foreign Ministry said Czechia’s institutions have also been targeted by the same group. Both German and Czech officials said the GRU hackers leveraged a previously unknown vulnerability in Microsoft Outlook.

In a statement by the EU’s top diplomat, Josep Borrell, the bloc’s nations said they “strongly condemn the malicious cyber campaign” by Fancy Bear “against Germany and Czechia”.

The EU noted that it had previously imposed sanctions on individuals and entities associated with the group for targeting the German parliament in 2015. It said it will not tolerate the continuation of such attacks, particularly with EU elections upcoming in June.

Nato accused Fancy Bear of targeting “other national governmental entities, critical infrastructure operators and other entities across the alliance,” including in Lithuania, Poland, Slovakia and Sweden.

“We are determined to employ the necessary capabilities in order to deter, defend against and counter the full spectrum of cyberthreats to support each other, including by considering coordinated responses,” said the North Atlantic Council, the principal political decision-making body within Nato.

Meanwhile, private houses and infrastructure facilities were damaged in Ukraine’s central Kirovohrad region as a result of a Russian missile attack yesterday, a local official said.

One person was severely injured, the regional governor said on Telegram messenger.

Russia has stepped up its missile attacks on Ukraine in the past months, causing severe damage to the already devastated energy grid and infrastructure while Kyiv faces a severe shortage of air defences.

Get ahead of the day with the morning headlines at 7.30am and Fionnán Sheahan’s exclusive take on the day’s news every afternoon, with our free daily newsletter.