Cyber Expo

Russian hackers accused of breaking into German government IT systems

Written by David Adams
02/03/2018

Reports suggest Russian hacking group APT28 was responsible for cyber attacks on Germany’s foreign and defence ministries in December. German government officials confirmed this week that both ministries had been penetrated by cyber attacks, although they would not provide any further details. Although they claimed the attacks had been detected and mitigated quickly, there has been some speculation that the attackers may have had access to German government IT infrastructure and data for months.

Reports suggest that the attack took place in December and was launched by APT28, a group which has also sometimes been called Fancy Bear and Strontium; and is generally thought to be linked to Russian military intelligence. The same group, or attackers closely associated with it, is thought to have been responsible for a previous attack on the German government in 2014, as well as attacks on the White House, NATO, the Dutch government, the IOC, WADA; and perhaps most notoriously, the US Democratic National Committee, during the US presidential campaign.

The news follows reports in the US press last week, based on sources within US intelligence, that Russian hackers also targeted the Winter Olympics in South Korea – and sought to make it appear that North Korean hackers were responsible for the attack.

Earlier this month, the UK government publicly blamed Russia for the NotPetya malware attack that took place in June 2017 and caused significant disruption in computer systems of multiple businesses and other organisations across Europe, causing an estimated $1.2 billion worth of damage.