Hackers target German politicians

Hackers have leaked the personal data of hundreds of German politicians, journalists and celebrities. This is reported to be one of the worst cyber security breaches in Germany.

Background

A cyberattack is any type of offensive maneuver that targets computer information systems, infrastructures, computer networks, or personal computer devices. Depending on context, cyberattacks can be labeled as a cyber campaign, cyberwarfare or cyberterrorism. A cyberattack can be employed by nation-states, individuals, groups, society or organizations. A cyberattack may originate from an anonymous source.

A cyberattack may steal, alter, or destroy a specified target by hacking into a susceptible system. They can range from installing spyware on a personal computer to attempting to destroy the infrastructure of entire nations. Legal experts are seeking to limit the use of the term to incidents causing physical damage, distinguishing it from the more routine data breaches and broader hacking activities.

Cyberattacks have become increasingly sophisticated and dangerous.

Analysis

The leaked information included MPs’ mobile numbers and addresses, their emails, internet chats and credit card details. Copies of personal IDs and rental contracts, as well as voicemail messages from partners and children were also published.

All the country’s main political parties were affected, apart from the far-right Alternative for Germany. Some data belonging to Chancellor Angela Merkel was also leaked. German Justice minister Katarina Barley said the perpetrators “want to damage confidence in our democracy and its institutions”, and called for their political motives to be investigated as quickly as possible. “Criminals and their backers can’t be allowed to drive the debate in our country,” she added.

The leak, first reported by German broadcaster RBB Inforadio, was one of the most extensive data dumps Germany has experienced, affecting politicians at all levels of the parliamentary system — from town councils to the Bundestag in Berlin.

However, officials seemed at a loss to explain how it had come about, saying it was still unclear whether the leaked information had been obtained by hackers.

German media said the hackers had started to post data on Twitter on December 1 last year, although political parties only became aware of the leak on Thursday this week. It was designed to work like an Advent calendar, with new caches of information posted every day.

The initial targets were celebrities such as comedian Jan Böhmermann, the online video producer LeFloid and rapper Sido. From December 20 onwards, information about MPs was posted, including lawmakers from the European Parliament as well as the Bundestag and some of Germany’s 16 regional legislatures.

Authorities took the incident “very, very seriously”, said government spokeswoman Martina Fietz, and were “working hard” to investigate its “full scope and background” and offering assistance to those affected.

She confirmed that data relating to Ms. Merkel had also found its way into the public domain, although none of it was sensitive. She also warned that the information published on the internet should be treated with “considerable caution” as even seemingly authentic documents could contain “falsified data”.

Authorities said the hack was being investigated by Germany’s national cyber defence centre, which met for a crisis session. The country’s domestic intelligence agency and Federal Criminal Police Office were also involved.

The data breach comes three years after a major assault on the Bundestag’s computer network, which German security officials said was carried out by Russian-backed hackers seeking to meddle in the 2017 federal election. Russian operatives were also blamed for an attack on the German government’s IT system last year.

The mass-circulation Bild Zeitung said Robert Habeck, leader of the Green party, had been particularly badly affected by the data breach, with hackers leaking much of his digital communications with his family. Another prominent victim identified by Bild was Frank-Walter Steinmeier, Germany’s president.

Twitter’s European headquarters are in Dublin and the company’s operations throughout the EU are regulated by the Irish data protection commissioner under tough new pan-European privacy laws that came into force last year.

In a statement late on Friday, the Irish regulator said it was liaising with the German authorities about the leak: “The Irish data protection commission is engaging with the Hamburg data protection authority and providing assistance to progress this matter.”

Assessment

Our assessment is that Cyber threats are asymmetric and goes beyond networks. Germany is correct in anticipating future cyber-attacks on its digital infrastructure but appears that it is not fully equipped to handle such unpredictable attacks.  We believe that there are no perfect air gaps in cyber security and with the increased power of computing, it would not be too difficult to break an encryption.