After massive cyber attack, Germany’s security apparatus struggles to answer questions

EPA-EFE/CLEMENS BILAN

A view of the Twitter account 'G0d' (@_Orbit) in Berlin, January 4, 2019.

After massive cyber attack, Germany’s security apparatus struggles to answer questions


Share on Facebook
Share on Twitter
Share on Google+
Share on LinkedIn
+

Rocked by the aftershock of a massive cybersecurity breach that saw more than 1,000 politicians and public figures, including Annegret Kramp-Karrenbauer, Chancellor Angela Merkel‘s handpicked successor to lead the ruling Christian Democratic Party, personal data hacked at the weekend by an unidentified 20-year-old man, Germany’s interior ministry is now attempted to re-group and answer hard questions as to why the country’s formidable security agencies were unprepared for this type of attack.

Germany’s country’s cybersecurity agency believes that the man involved in the actual hack was attempting to commit espionage, though it remains unclear as to who he was working for and what information he specifically hoped to gather.

The breach was first uncovered when the phone numbers, contact information, IDs, passports, rental contracts, credit cards, and banking details, including Merkel and German president Frank-Walter Steinmeier, were posted online. Journalists who reviewed the information noted that the only political party that was not targeted by the incursion was the right-wing, Eurosceptic Alternative for Germany party.

Investigators traced the man through digital tracks he left on the internet, as well as by speaking to witnesses, including another unnamed 19-year-old man that the hacker had communicated with via an encrypted messaging service. The hacker, who used the pseudonyms “G0t” and “Orbit”, was arrested on January 6 after investigators searched his home. He later confessed to the cyber-attack and is now cooperating with the German authorities.

Hitting back at widespread criticism that the authorities had been woefully unprepared for a cyber attack, Interior Minister Horst Seehofer appeared to criticise German internet users for not having taken their own more robust security measures to help protect their personal data.

“Bad passwords were one of the reasons he had it so easy,” Seehofer said. “I was shocked at how simple most passwords were: ‘ILoveYou’, ‘1,2,3’. A whole array of really simple things.”

Some in the government remain less-than-convinced that the proper precautions were taken to ensure that a lone computer hacker could not gain access to private files.

“It is outrageous that stolen data was present for days on the internet and the competent authority did nothing to inform and protect those affected,” said the Vice President of the Bundestag Thomas Oppermann. His comments were backed by Günter Krings, a member of the ruling Christian Democrats, who added, “The obligation of the federal government to inform parliament also applied between Christmas and New Year.”

Criticism of Seehofer and the interior ministry comes amid growing criticism of his own job performance, particularly after an incident in September 2018 when he controversially promoted the former chief of German intelligence, Hans-Georg Maassen, who questioned the authenticity of videos that showed far-right nationalists chasing immigrants in the eastern city of Chemnitz.

The Federal Office for Information Security came under fire after it admitted on January 7 that it knew about the attack since December and had already known about five isolated previous cases for weeks.

The latest incident comes just over a month after German security officials detected a major cyber attack against the email accounts of German lawmakers, as well as the military, and several German embassies by a Russian hacker group with ties to Moscow’s military intelligence wing, the GRU.

That attack occurred less than a year after the BfV, Germany’s intelligence service, said the Russian government was behind a cyberattack on German computer networks that was discovered in December 2017 and was also linked to the same hacker group that carried out the November 2018 breach.

 

 

Share on Facebook
Share on Twitter
Share on Google+
Share on LinkedIn
+