On Friday, Germany formally accused Russia of initiating cyberattacks targeting its defense, aerospace industries, and political entities, including the ruling party. These accusations extend to similar incidents in several other countries, with Germany hinting at potential retaliatory measures.
Sony and Apollo Eye Paramount in a $26 Billion Acquisition Deal
Amid these tensions, Russia’s embassy in Berlin refuted the allegations, labeling them as efforts to foster anti-Russian sentiment in Germany. The claims were supported by the Czech Republic, NATO, and the U.S. State Department, pointing to a concerted campaign affecting nations like Lithuania, Poland, Slovakia, and Sweden.
This wave of cyberattacks emerges amidst growing concerns over Russian cyber activities in Europe, especially after the 2022 invasion of Ukraine and in anticipation of upcoming European elections.
The German government has responded by summoning the Russian ambassador to protest against a two-year campaign allegedly orchestrated by a group linked to Russia’s GRU military intelligence.
Targets of these cyberattacks included Germany’s Social Democrats and firms across logistics, defense, aerospace, and IT, with critical infrastructure companies experiencing server breaches.
German Interior Minister Nancy Faeser emphasized that these attacks threaten the very trust in democratic processes, vowing a robust response to counter Russia’s cyber tactics.
Further accusations come from the Czech Republic about similar disruptions, emphasizing the gravity of these actions amidst electoral processes in Europe and ongoing conflicts involving Russia.
The UK also chimed in, accusing Russia of attempts to destabilize democratic systems, although without providing specifics.
Despite the severity of the attacks, it remains unclear if data was stolen when the senior members of Germany’s SPD had their email accounts compromised.
The group known as “Fancy Bear” or APT28, reportedly linked to the GRU, exploited an unknown flaw in Microsoft Outlook to access email accounts. This issue was partly mitigated by an international effort led by the FBI in January, preventing the compromised devices from being used in further cyberespionage.
Microsoft confirmed that a Russian entity, using the moniker GooseEgg since April 2019, had been involved in credential theft, as noted in a company blog post.
APT28, known for its global cyberespionage activities since 2004, is considered one of the top cyber threats by Germany’s intelligence services.
The U.S. has previously identified Fancy Bear as the group behind the 2016 email hacks of Hillary Clinton’s campaign staff and the leak of confidential data from the World Anti-Doping Agency concerning U.S. athletes. The FBI has since taken action against the domain used for disseminating the stolen data.
