Fancy Bear Strikes Again-Hacks into German Government

By:  |  Category: Blog, Security Thursday, March 1st, 2018  |  No Comments
Fancy Bear

Governments may be forced to go back to pen and paper in the near future just to protect their classified information.

According to the Department of Homeland Security, the German government recently confirmed that it suffered a large cyberattack which infiltrated federal computer networks in search of confidential information. Anonymous German law enforcement sources said that the Russia hacking group APT28, known as Fancy Bear, placed malware in a government network and infiltrated both the Foreign Ministry and the Defense Ministry.

Fancy Bear is one of the hacking groups operated by the GRU (Russia’s military intelligence branch), that conducted the 2016 hacking campaign of the DNC and the Hillary Clinton campaign. The Russian government hackers managed to infiltrate the German government’s “Informationsverbund Berlin-Bonn” (IVBB) network, a communication network which was specially designed as a secure communications platform.

The German news agency dpa, citing anonymous German law enforcement sources, reported that the malware may have been in the government’s networks for as long as a year before the government discovered the breach in December.

Reuters reports that the German security services reportedly allowed the malware to remain in the system until Wednesday to gather more information about the attack and the Russian government hackers who launched it.

Fancy Bear, which is one of the hacking groups operated by the GRU, conducted the 2016 hacking campaign of the DNC and the Hillary Clinton campaign as part of the Kremlin’s broad hacking and disinformation effort to secure the victory of Donald Trump in the November 2016 election.

The German Interior Ministry confirmed the attack without confirming the identity of the perpetrators.

“We can confirm that the Federal Office for Information Security (BSI) and intelligence services are investigating a cybersecurity incident concerning the federal government’s information technology and networks,” an Interior Ministry spokesman said.

The government departments targeted by the Kremlin had since taken measures to investigate the attack and better protect their data, the spokesman added.

It is unclear how much sensitive data was collected by the Kremlin hackers before they were intercepted.

Knowledgeable sources told Reuters that the Russian government hackers managed to infiltrate the German government’s “Informationsverbund Berlin-Bonn” (IVBB) network, a communication network which was specially designed as a secure communications platform.

To ensure its enhanced security, the IVBB network has operated separately from other public networks. The network has only a few users: the chancellery, the German parliament, federal ministries, the Federal Audit Office, and several security agencies located in Berlin and Bonn.
Government officials said that, on average, the IVBB network is being cyberattacked twenty times a day.

The German parliamentary committee overseeing Germany’s intelligence services is holding an emergency meeting to discuss the breach.

Fancy Bear has also attacked the email system of the German parliament in 2015, stealing tens of thousands of emails exchanged by members of the Bundestag – the Kremlin hackers would use the same cyberattack method a year later against the DNC and the Clinton campaign. The group also attacked the NATO headquarters in Brussels, and governments in several European countries.

According to Reuters, Fancy Bear’s 2015 penetration of the Bundestag was so damaging that it forced the German government to replace its entire IT infrastructure. (Looks like it might be time for another refresh!)

If you need assistance with your cybersecurity plan, give EnhancedTECH a call at 714-970-9330 or contact us at sales@enhnacedtech.com.

Samantha Keller

Samantha Keller

Director of Marketing and PR at EnhancedTECH
Samantha Keller (AKA Sam) is a published author, tech-blogger, event-planner and mother of three fabulous humans. Samantha has worked in the IT field for the last fifteen years, intertwining a freelance writing career along with technology sales, events and marketing. She began working for EnhancedTECH ten years ago after earning her Bachelor’s degree from UCLA and attending Fuller Seminary. She is a lover of kickboxing, extra-strong coffee, and Wolfpack football.Her regular blog columns feature upcoming tech trends, cybersecurity tips, and practical solutions geared towards enhancing your business through technology.
Samantha Keller
Leave a Comment
Read previous post:
Online Business
It Takes Hackers About an Hour to Hit a New Online Business

How fast do Hackers start Attacking a New Business? According to new research, cyber-criminals start attacking newly set up online...

Close