Hackers have attempted to breach the private email accounts of certain German parliamentarians, a spokesperson for the legislative body confirmed Friday, in the latest example of cyber campaigns aimed at German politicians.
German national security officials have briefed the parliament, known as the Bundestag, on the incident, and all the affected lawmakers have been informed, said Frank Bergmann, a Bundestag spokesperson.
It was not immediately clear whether the phishing attempts were successful, who was responsible or what their goal was. Spokespeople for the BSI, Germany’s federal cybersecurity agency, and the BfV, the country’s domestic intelligence agency, declined to comment.
The attempted intrusions comes six months ahead of Germany’s national elections. The German parliament has been a recurring target for foreign hackers, including a 2015 breach that the European Union blamed on Russia’s military intelligence agency. Since the Russian hack-and-leak operation aimed at the 2016 U.S. election, governments around Europe have braced for similar interference efforts in their politics.
The culprit in the latest attempts to snoop on German lawmakers is far from clear. German news outlet Tagesschau reported that a group dubbed Ghostwriter was responsible. Those attackers have a history of targeting people in Eastern Europe with information operations that further “Russian security interests,” cybersecurity firm FireEye has said. One of the more dramatic examples came in April 2020 when Polish officials suggested Russian hackers had planted a fake letter on the website of a Polish military academy critical of the U.S. military presence in Poland.
FireEye has not attributed the Ghostwriter campaign to a known hacking group, and German authorities have not publicly identified a culprit for the activity. CyberScoop could not independently confirm that the Ghostwriter attackers were responsible.
As a powerful member of the European Union, German government agencies and corporations regularly find themselves in the crosshairs of suspected Russian and Chinese espionage. Last year, German authorities uncovered evidence of “longstanding compromises” at German critical infrastructure companies at the hands of a Kremlin-linked hacking group, CyberScoop has reported.
More broadly, the BfV recently reiterated a warning about industrial espionage against German firms, which the intelligence agency said had only grown more acute during the coronavirus pandemic.