The defenders of German democracy, the Federal Office for the Protection of the Constitution - Germany's security agency. (Photo: Olaf Kosinsky) 

Germany's Cyberwar

Hans-Georg Maaßen, the head of the Federal Office for the Protection of the Constitution (Verfassungsschutz), Germany's security agency, recently declared that "cyberspace is a place of hybrid warfare" and that secret information in government, administration, business, academia and research in Germany is "permanently threatened". 


This was a reaction to Russia's increasing willingness to collaborate with hacker groups and sabotage essential infrastructure. 

by the Know Nothing Enquirer    15/05/2016

Maaßen's statement came only shortly after Ursula von der Leyen, Germany's minister of defence, announced that the country would severely extend its "offensive cyber capabilities". This would be centralised in a new unit of the Bundeswehr with up to 13,500 IT specialists. The army already has a comparatively tiny cyberwarfare department that is largely acts defensively. The Federal Office for Information Security (BSI) is in charge of protecting the computer and communication networks of the German government. In 2014, the Federal Intelligence Agency (BND), Germany foreign intelligence agency, was allocated a budget of 300 million Euros to expand the country's ability to defend itself in cyberspace, especially critical infrastructure. 


This is not the first time Russia has been accused of using sabotage cyberattacks against Western countries, even though in most of the instances there is not enough evidence to tell whether they are truly state sponsored. In 2003 in one of the first major attacks, Chinese hackers (what is known as Titan Rain) attacked computer networks of United States defence contractors and gained access to sensitive information. In 2007, Russian hackers launched an extremely sophisticated attack against Estonia, targeting government institutions, businesses and newspapers. In 2009, Chinese and Russian hackers allegedly managed to intrude into the US electric power grid system, possibly leaving behind software to affect the grid. An apparent Russian attack successfully attacked Ukraine's power grid last Christmas, leaving over 230,000 people without electricity. 


Russia and China are not the only countries using cyberwarfare against other countries. Stuxnet, a US-Isreali cyber weapon, was used to sabotage Iran's nuclear programme to make it look like an unfortunate string of events instead of a cyberattack. Last year, French international television network TV5Monde was the target of a cyberattack by the Islamic State (IS). The hackers were able to halt live broadcasting and hijack the network's websites and social media pages for several hours.

The intensity of cyberattacks against Germany has greatly increased. According to the 2015 BSI IT security situation report, on average 15 cyberattacks were launched against government networks every day in Germany - with over 180 attacks from foreign security agencies per year. Russian hacker groups Pawn Storm, Sofacy and APT28, who are also accused of being responsible for the Ukraine power outage, have attacked several German institutionsAccording to DLF, the attacks can be clearly traced back to Russian military security agencies. In early 2015, the Bundestag server that runs the internal Perlakom network was the target of the hackers. All MPs, ministers, chancellor Angela Merkel and other parliamentary institutions are connected to the server. The system was gradually attacked over several weeks before it was eventually found in May. The servers had to be switched of for several days to enable their security. In August 2015, several military institutions were attacked by the same hackers. 


Now it has been revealed that the latest attack by the group was against Merkel's CDU party head office in Berlin. Apparently the phishing attacks started in early April using servers located in the Netherlands and Latvia. The users of the CDU system believed they were logging into the party website, whereas in reality they were on a mirrored site with the only intention of stealing their data. According to Maaßen, there are imminent attacks against German energy firms. 

The news magazine, Der Spiegel, warns that hacker groups active in organised crime and the security agencies are collaborating in Russia. According to the leaked US diplomatic cables, Russia's security agencies act in a "virtual mafia state". The Russian state is "using the mafia for its dirty work" and has set up a "protection racket" for criminal networks. The Wikileaks documents also revealed that the Federal Security Service is part of a parallel tax system to enrich state officials. The recent Panama Papers leak showed that high ranking Russian officials, including Vladimir Putin, have amassed huge fortunes that grossly outweigh their official incomes. The Russian government denies these allegations (the offshore companies are not directly held by Putin) and claims the leaks are an American conspiracy. 


Russia's hostile actions in cyberspace are seen as an increasing threat by German officials. Maaßen's recent speech made this very clear. Von der Leyen's announcement of tremendously increasing the Bundeswehr's cyberwarfare ability is a further sign that Germany is finally entering the cyber arms race started by the US, Russia and China. The programme will significantly increase Germany's ability to not only act defensively but also offensively in cyberspace. This also comes at a time where terrorist organisations, such as the IS, are also turning to cyberattacks to access sensitive information and manipulate systems.