Russian Hackers Believed to Have Breached into Several German Ministries


Germany is currently investigating a security breach of private networks of its defence and interior ministries as the news circulated in the German media blaming the Russian state sponsored hacking group known as APT28 or Fancy Bear.

"We can confirm that the Federal Office for Information Security (BSI) and intelligence services are investigating a cyber-security incident concerning the federal government's information technology and networks," Johannes Dimroth, a German interior ministry spokesperson has said. "The attack was isolated and brought under control," Dimroth added. The country is currently carrying out an "ongoing analysis" and taking safeguards to avoid this from happening again.

AMD CPU Vulnerability Found, Divulges Passwords As Non-Administrative User

The German news agency DPA first revealed that the hackers were able to steal data after breaching into these ministries' networks. Intrusion is believed to have been first spotted in December. The news agency said that Russian hackers infiltrated computers of the German Foreign Ministry, the Defence Ministry, the German Chancellery, and the Federal Court of Auditors. The report had also claimed that the Russian hackers possibly had access to these networks for nearly a year.

Not the first time Russian hackers are being blamed for a government attack

Earlier in 2015, Fancy Bear was also blamed for a similar attack on the lower house of the German parliament in 2015. In that attack, Russian hackers stole 17 gigabytes of data that could be used to blackmail politicians or discredit them similar to the group's US operations. However, if this new attack on multiple German ministries is confirmed, it would possibly be the biggest known attack to hit the German government.

Fancy Bear, known by several names, including STRONTIUM, Sofacy, Grizzly Steppe, Sednit, Tsar Team, and APT 28 is a cyber-espionage unit of the Russian foreign military intelligence agency, GRU. The group has been blamed for several high profile attacks, including the 2016 attack on the Democratic National Committee (DNC) in the United States that some believe swayed the election results.