Germany has accused Russian military agents of hacking the top echelons of Chancellor Olaf Scholz’s party, along with other sensitive government and industrial targets. The hacking campaign, attributed to Russian military cyber operators, involved exploiting Microsoft Outlook and persisted for months. The German Interior Ministry stated that the campaign began in March 2022, with emails at Social Democrat party headquarters accessed in December of the same year. Additionally, German companies in the defense and aerospace sectors, as well as targets related to the ongoing war in Ukraine, were also a focus of the cyber espionage.
The FBI led international efforts to shut down a botnet of compromised network devices used by the Russian hackers, known as APT28 or Fancy Bear, in late January. German Foreign Minister Annalena Baerbock condemned the hacking, attributing it to a unit of Russia’s GRU military intelligence. She stated that the actions were intolerable and unacceptable and would have consequences, without specifying what those consequences would be. The hacking campaign targeted various German government authorities, foundations, and associations, in addition to the Social Democrats’ executive committee.
The Council of the EU and the Czech Foreign Ministry confirmed that Czech institutions were also targeted by the same Russian hacking group. Both German and Czech officials noted that the GRU hackers exploited a previously unknown vulnerability in Microsoft Outlook. The EU strongly condemned the malicious cyber campaign by Fancy Bear against Germany and Czechia, emphasizing that such attacks would not be tolerated, especially as EU elections were upcoming in June. NATO accused Fancy Bear of targeting other national governmental entities, critical infrastructure operators, and other entities across the Alliance, including in Lithuania, Poland, Slovakia, and Sweden.
German Foreign Minister Baerbock’s visit to Australia, New Zealand, and Fiji focused on security policy, particularly in light of China’s increasing influence in the Pacific region. Baerbock highlighted the close defense cooperation between Germany and Australia, expressing a desire to deepen and expand it further to address shared threats. Discussions between Baerbock and her Australian counterpart Penny Wong centered on the conflict in Gaza, with both expressing support for a two-state solution as the path out of the cycle of violence in the Middle East. The visit marked the first time in 13 years that a German foreign minister had visited Australia, underscoring the importance of cooperation and dialogue on security issues.
In response to the cyber espionage, the North Atlantic Council, NATO’s principal political decision-making body, emphasized the need to employ necessary capabilities to deter, defend against, and counter cyberthreats. NATO stated its determination to support member countries, including considering coordinated responses to cyber incidents. The EU had previously imposed sanctions on individuals and entities associated with Fancy Bear for targeting the German parliament in 2015. The EU’s strong condemnation of the recent cyber campaign underscored its commitment to protecting member states from malicious cyber activities, especially with critical elections on the horizon.
The revelation of Russian military agents hacking German political parties, government entities, and industrial targets has heightened tensions between Russia and Germany, already strained due to Germany’s military support for Ukraine. The cyber espionage activities attributed to Russian hackers underscore the ongoing threat of malicious state-sponsored cyberattacks and the need for robust cybersecurity measures to protect critical infrastructure and sensitive information. The international response, including coordinated efforts by the FBI, the EU, NATO, and individual European countries, reflects a united front against cyber threats and a commitment to deterring and countering malicious cyber activities.
