German government: Russia responsible for cyberattack on SPD party
In January last year, hackers attacked the email accounts of the SPD party. The German government is now “clearly” blaming Russia.
(Bild: zefart/Shutterstock.com)
The German government blames a unit of the Russian military intelligence service GRU for a cyberattack on the SPD at the beginning of last year. "Russian state hackers attacked Germany in cyberspace," said Foreign Minister Annalena Baerbock on Friday during her visit to Australia in Adelaide and announced consequences.
The SPD announced in June 2023 that email accounts of the SPD party executive had already been the target of a cyberattack in January. This was made possible by a security vulnerability at the software company Microsoft that was still unknown at the time of the attack, the SPD said at the time – and: "It cannot be ruled out that data was leaked from individual email inboxes."
Baerbock calls attack "completely unacceptable"
According to Baerbock, the investigations by the German government under the leadership of the Federal Foreign Office, known in diplomatic jargon as "attribution procedures", have now been completed. "We can now clearly attribute this attack from last year to the APT28 group, which is controlled by the Russian Secret Service GRU", said the Green politician at a press conference with her Australian counterpart Penny Wong in Adelaide when asked about the matter. "This is completely unacceptable and will not remain without consequences."
Baerbock did not say what these consequences might be. In such cases, it is customary for the ambassador of the country responsible to be summoned to the Foreign Office to lodge an official protest. The European Union has previously imposed sanctions on individuals or institutions in similar cases. Travel bans or the freezing of assets is conceivable.
APT28 became known for its attack on the Bundestag
According to the German Office for the Protection of the Constitution, the APT28 group has been active worldwide since at least 2004, primarily in the field of cyber espionage. In the past, it has also conducted disinformation and propaganda campaigns in cyberspace and is "one of the most active and dangerous cyber actors worldwide". The Federal Office for the Protection of the Constitution clearly attributes APT28 to the Russian military intelligence service GRU. The group, which also operates under the name "Fancy Bear", was already held responsible for a major cyberattack on the Bundestag in 2015 and later in the USA for an attack on the Democratic Party before the 2017 presidential election.
According to dpa, all German intelligence services were involved in the federal government's investigation, including the Office for the Protection of the Constitution, the Federal Intelligence Service and the Military Counterintelligence Service. According to previous findings, the attack on the SPD is said to have been part of a campaign by APT28 in several European countries targeting government agencies as well as companies involved in energy supply, IT, armaments and aerospace.
NATO is "deeply concerned"
The North Atlantic Council, NATO's most important decision-making body, had already expressed its "deep concern" about increasing Russian cyberattacks on Thursday evening – without providing details. A statement spoke of "hostile activities" directed against Germany, Estonia, Latvia, Lithuania, Poland, the Czech Republic and the UK.
"These incidents are part of an intensifying campaign of activities carried out by Russia throughout the Euro-Atlantic area, including in the Alliance area and via proxies. These include acts of sabotage, acts of violence, cyber and electronic disruption, disinformation campaigns and other hybrid operations," the statement said. The activities represented "a threat to the security of alliance partners".
(olb)