Advertisement

Hackers target German lawmakers in an election year

It was not immediately clear who was responsible, but the German parliament is a perennial cyber-espionage target.
Bundestag
(Getty Images)

Hackers have attempted to breach the private email accounts of certain German parliamentarians, a spokesperson for the legislative body confirmed Friday, in the latest example of cyber campaigns aimed at German politicians.

German national security officials have briefed the parliament, known as the Bundestag, on the incident, and all the affected lawmakers have been informed, said Frank Bergmann, a Bundestag spokesperson.

It was not immediately clear whether the phishing attempts were successful, who was responsible or what their goal was. Spokespeople for the BSI, Germany’s federal cybersecurity agency, and the BfV, the country’s domestic intelligence agency, declined to comment.

The attempted intrusions comes six months ahead of Germany’s national elections. The German parliament has been a recurring target for foreign hackers, including a 2015 breach that the European Union blamed on Russia’s military intelligence agency. Since the Russian hack-and-leak operation aimed at the 2016 U.S. election, governments around Europe have braced for similar interference efforts in their politics.

Advertisement

The culprit in the latest attempts to snoop on German lawmakers is far from clear. German news outlet Tagesschau reported that a group dubbed Ghostwriter was responsible. Those attackers have a history of targeting people in Eastern Europe with information operations that further “Russian security interests,” cybersecurity firm FireEye has said. One of the more dramatic examples came in April 2020 when Polish officials suggested Russian hackers had planted a fake letter on the website of a Polish military academy critical of the U.S. military presence in Poland.

FireEye has not attributed the Ghostwriter campaign to a known hacking group, and German authorities have not publicly identified a culprit for the activity. CyberScoop could not independently confirm that the Ghostwriter attackers were responsible.

As a powerful member of the European Union, German government agencies and corporations regularly find themselves in the crosshairs of suspected Russian and Chinese espionage. Last year, German authorities uncovered evidence of “longstanding compromises” at German critical infrastructure companies at the hands of a Kremlin-linked hacking group, CyberScoop has reported.  

More broadly, the BfV recently reiterated a warning about industrial espionage against German firms, which the intelligence agency said had only grown more acute during the coronavirus pandemic.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts