Media: Russian hackers attacked German Ministries of Defense and Foreign Affairs
Hacker group APT28, also known as Fancy Bear, has attacked the German Ministries of Defense and Foreign Affairs, reports news agency DPA citing sources in the defense sector. The magazine Focus carried the text from DPA. A number of companies in the cyber security field link APT28 with Russia.
The agency’s source said that the attack was discovered in December 2017. It was done using malicious software, and the hackers stole valuable data. The source noted that the attack could have gone on for a long time, perhaps even a year.
DPA noted that the hackers were able to penetrate the data transmission network of the federal administration of Berlin-Bonn. Since December 2017, German authorities have been trying to determine how deeply the hackers were able to penetrate the network. The Federal Office for Information Security and the Federal Office for the Protection of the Constitution are conducting the investigation.
The Berlin-Bonn network is a communications platform used by German authorities. It is used by the Federal Chancellery and federal ministries, the federal court and security agencies in Berlin, Bonn and elsewhere, as well as the Bundestag and the Bundesrat. It operates independently from other public networks.
In August 2017, it was reported that hackers from group APT28 made attempts to steal information from Western officials and businessmen when they were traveling throughout Europe. Analysts believe that the hackers monitored their activity on hotel WiFi networks when they stayed in them on business trips.
The hackers of APT28 are also called Fancy Bear, Sofacy, and Pawn Storm, and are blamed for the attacks on the German Parliament, the World Anti-Doping Agency (WADA), the OSCE, members of the U.S. Democratic Party, the electoral headquarters of Emmanuel Macron, and the Polish Foreign Ministry.