Putin's cyber attack

We have been attacked! EU states sound the alarm

The hacker group APT28 is attributed to the Russian military intelligence service GRU.

(Bild: AFP/NATALIA KOLESNIKOVA)

Germany, the Czech Republic and Poland have announced that they have been attacked on a large scale by a Russian hacker group. The perpetrators are attributed to Putin's military intelligence service. There is great outrage in the EU and the USA, and the timing in particular is a cause for concern.

Germany has made massive accusations against Russia in connection with cyber attacks against the government, political parties and companies and has announced consequences. Other European countries such as the Czech Republic and Poland are also affected. NATO, the USA, the EU and Austria have expressed their outrage. The Russian embassy rejected the accusations.

The US government is joining Germany in attributing "specific malicious activities directed against a German political party" to the APT28 group, the US State Department announced on Friday.

Russians exploited security vulnerability in Outlook
The campaign is aimed at government agencies and companies in the fields of logistics, defense, aerospace, IT services, foundations and associations. The Russian hacker group APT28, which is associated with the Russian secret service GRU, had exploited a critical vulnerability in Microsoft Outlook for cyber attacks "over a longer period of time".

Context

• All three countries affected are among the biggest supporters of Ukraine.
• TheCzech Republic is scraping together any available artillery ammunition for Ukraine on the world market and is taking rigorous action against Russian propaganda in its own country.
• Poland recently elected a pro-European head of government, Donald Tusk, who is firmly on Ukraine's side. The small town of Rzeszow is also considered one of the most important hubs for Western aid.
• Germany is the most important financier of the Ukrainian defense within the EU.

According to reports, company servers have been compromised, but the parties involved did not provide any details for security reasons. According to the German Foreign Ministry, it has summoned the chargé d'affaires of the Russian embassy.

Austria outraged by the action
The Austrian Foreign Ministry stated on X: "Austria strongly condemns Russian cyber campaigns against EU member states, including attacks on state institutions and political actors. Together with our partners, we are determined to prevent, deter and respond to such unacceptable malicious behavior."

Together with the US Federal Bureau of Investigation (FBI) and other services, it has been possible to disable devices that were used for attacks, according to Berlin. However, the APT28 group is still active and is one of the most dangerous international hacker groups.

Russian cyber attacks are a threat to our democracy.

Deutschlands Innenministerin Nancy Faeser

Bild: AFP

"The Russian cyber attacks are a threat to our democracy, which we are resolutely countering. We are acting side by side within the EU, NATO and with our international partners," said German Interior Minister Nancy Faeser in Prague.

EU elections in focus?
The Czech and Polish governments also announced that they were affected. The timing is particularly worrying - due to the upcoming European elections at the beginning of June and the Russian disinformation campaigns that have already been uncovered.

"The malicious cyber campaign demonstrates the ongoing pattern of Russia's irresponsible behavior in cyberspace, targeting democratic institutions, government agencies and critical infrastructure providers across the European Union and beyond," said EU foreign policy chief Josep Borrell.

Baerbock threatens "consequences"
Germany's Foreign Minister Annalena Baerbock (Greens) had condemned the hacker attacks during her trip to Australia and pointed out that the SPD, for example, had been attacked last year.

"We can now clearly attribute last year's attack to the APT28 group, which is controlled by the Russian military intelligence service GRU," she said. It was therefore clear that Russian state hackers had attacked Germany in cyberspace. "This is completely unacceptable and will not remain without consequences," Baerbock added.

Last summer, the SPD announced that email accounts at the party headquarters had been the target of a cyber attack in early 2023. This was made possible by a security vulnerability in the Microsoft software company that was still unknown at the time of the attack, it was said at the time.

SPD leadership considers itself a logical target
SPD General Secretary Kevin Kühnert was not surprised by the investigations on Friday. Russian President Vladimir Putin is attacking the German governing party SPD "because we embody the defensive democracy in Germany in a special way", he explained. "The fact that Putin is attacking social democracy reveals both his fear and our political strength." Party leader Lars Klingbeil told the Kölner Stadt-Anzeiger newspaper: "It is obvious that Putin's regime does not like how clearly we have stood by Ukraine."

The Russian embassy in Berlin categorically rejected the accusations as "baseless and unfounded" and denied any involvement of "Russian state structures" in the activities of the APT28 group.