The German government, alongside the Czech Republic, the US Department of State, and NATO, has accused the Russian government of initiating cyberattacks against Germany’s defense and aerospace firms alongside the ruling Social Democratic Party of Germany (SPD) party on Friday.
Cyberattacks Amid a War:
NATO further claimed that entities in Lithuania, Poland, Slovakia, and Sweden, along with government bodies and “critical infrastructure operators,” have also been targeted in attacks organized by Russia, while the Russian Embassy in Germany called the accusations “another unfriendly step aimed at inciting anti-Russian sentiments in Germany.”
German officials have summoned the Russian envoy to the country to protest the supposed two-year-long cyber campaign against the nation and its partners, which was allegedly launched by Russia’s GRU intelligence agency.
This comes after discussions relating to Germany’s role in Ukraine were leaked by Russia following a technical blunder by a member of staff in late January. The leaked discussion, likely intercepted by chance through widespread surveillance, focused on the delivery of weapons for Ukraine and a potential strike by the Ukrainian military on a bridge in Crimea. The participant dialed into a Webex meeting (a web conferencing program used by the German government) from Singapore, where it was likely intercepted by Russian intelligence through regular intelligence gathering efforts.
Germany’s Defense Minister, Boris Pistorius, stated that Russia leaked the meeting in order to sow distrust between Germany and his allies. While Germany’s allies have expressed continued trust, some voices, like former British Defense Secretary Ben Wallace, have criticized Germany’s security measures, suggesting they are neither secure nor reliable.
Germany’s Ministry of Defense stated that companies in the logistics, defense, aerospace, and IT sectors, along with servers of companies in critical sectors, had been compromised, failing to mention the companies effected or the definite results from the cyberattack.
The Czech Republic corroborated these claims, stating that a number of Czech entities had been targeted in cyberattacks organized by Russia since 2023, while the British government has further claimed that Russia is undermining the democratic process of affected countries ahead of the European Parliamentary elections slated for June.
The group responsible is known as “Fancy Bear,” an organization affiliated with the GRU that used an exploit in Microsoft Outlook while utilizing a tool known as GooseEgg to compromise Outlook email accounts. Despite these compromises, the FBI released a statement detailing the bureau’s actions in preventing compromised accounts and devices from being used for cyberespionage.
Fancy Bear was also allegedly responsible for the hacking of 2016 presidential candidate Hillary Clinton’s emails, which led to a number of controversies in her campaign and led some to believe former President Donald Trump colluded with Russia to weaken his political opponent.
Analysis:
Russia remains one of NATO’s chief rivals in terms of cyber capabilities, with the Slavic nation having been responsible for a number of cyber attacks and espionage either directly through the Russian government or through contracted hackers.
These attacks, especially against the SPD, showcase Russia’s continued interest in skewing the upcoming European election in favor of pro-Russian parties in order to attain closer relations with the EU while also seeking to remove a key financier of Ukraine amid the ongoing Russo-Ukrainian conflict. Not only can these attacks successfully bring more pro-Russian politicians into the EU, they also have the possibility of ascertaining the support of NATO-aligned countries for Ukraine, allowing for the interception of various shipments entering Ukraine.
