Stealthy Assaults and Digital Sabotage: The Covert War Against Germany, courtesy of Russia
Russia's Aggressive Assault on Germany Already Underway
By Volker Petersen
Germany's kinetic confrontations with Russia might not be as obvious as armored tanks rolling across borders or artillery bombarding cities, but they are happening - a new kind of Cold War 2.0. The Kremlin has set its sights on espionage, sabotage, and cyber warfare, a troubling reality as reported by ntv.de.
In the summer of 2024, Leipzig's airport witnessed an odd incident. A package mysteriously caught fire in a container, destined for London via air freight. However, it didn't quite make it that far. The firefighting efforts took hours to control, and it was no coincidence. The Federal Public Prosecutor's Office is investigating, suspecting that the Russian military intelligence service GRU orchestrated this explosion, a case of sabotage, not an isolated one. Similar packages ignited in Birmingham and Warsaw, indicating a pattern.
Business Under Fire
Russia's attacks against Germany are much different from their military incursions in Ukraine. These tactics involve espionage, sabotage, and cyber warfare, as outlined in the latest constitution protection report. The Russians seem indiscriminate with their targets, especially German politics being under constant surveillance. The internet provides them a convenient hunting ground for German data, a playground for Russian hackers and cybercriminals with intelligence service assignments.
"The situation is tense," said Claudia Plattner of the Federal Office for Information Security (BSI) during a federal press conference. She, along with Michael Fübi from TÜV Rheinland, presented a study on the cybersecurity of German companies. Attacks using ransomware are the most notable issue, but state actors operating espionage and sabotage are a significant concern. Alongside Russia, China, Iran, and Turkey are particularly active in these operations, according to the constitution protection report.
Political Target Practice
Russia can score remarkable victories in the cyber realm. In 2015, the Bundestag became a target, and in 2023, the SPD suffered an attack. The assault was attributed to the cyber group APT 28, also known as "Fancy Bear" or "Sofacy." APT 28 is connected to the GRU. In 2024, the CDU became the latest victim of a cyber attack, with suspicion quickly pointing towards Russia.
Disinformation landscape
On the internet, Russia does more than just steal data; they also sow disinformation and propaganda. Telegram has emerged as a crucial platform in this regard. The case of "Voice of Europe" stirred controversy. Pretending to be a genuine news portal, "The Voice of Europe" initially propagated pro-Russian stances, primarily on the Ukraine war, from the Netherlands and later from Prague. However, it seems their activities went beyond mere opinion-peddling. Before the European elections in 2024, right-wing political leaders across Europe received funding from Russia. The Petr Bystrom case drew attention in Germany, with the AfD member of the Bundestag running for the European Parliament and frequently appearing on "Voice of Europe." Bystrom denies any wrongdoing, but the European Parliament has lifted his immunity due to ongoing investigations.
Economic adversaries are the primary targets of these cyber attacks, with German companies of interest to Russia, particularly those from the arms industry, Prime targets. Even common ransomware attacks are part of the intelligence agencies' business strategy. In these attacks, cybercriminals cripple the IT systems of companies and demand a ransom, a significant challenge for the German economy. As evidenced by a new study by TÜV Rheinland, 15 percent of the companies surveyed over the past 12 months were affected by cyberattacks, a notable increase of four percent compared to 2023.
Protective Measures Lacking
Many companies remain overconfident about their IT security despite the mounting threats. Nearly 91 percent rated their security as good or excellent, surprising Claudia Plattner from BSI during the press conference. "That's a bit of wishful thinking," she stated. Often, small companies fail to meet even half of the requirements in the BSI's cyber risk check, a basic expectation in IT security. The 'seahorse' serves as an analogy for young swimmers, denoting the absolute entry level in IT security.
The federal government should promptly implement the EU directive "Network and Information Security" (NIS 2), aiming to boost cybersecurity across Europe, particularly for critical infrastructure such as airports, power plants, etc. Additionally, there's a need for clarity on who is responsible - the new digital ministry or the interior ministry? The topic of artificial intelligence is crucial, both for attackers and defenders.
Germany's Interior Minister, Alexander Dobrindt, promised swift action to counter such attacks. "As interior minister, I want to ensure that the security authorities are ready to face these threats," he stated. "We need to modernize technologically, legally, and organizationally in Germany." Artificial intelligence must be employed more extensively in intelligence services, with substantial financial investments backing this initiative. Nevertheless, the timeline for concrete action remains uncertain. One thing is clear: The next, unwelcome assault from Russia is imminent.
Sources:
- ntv.de
- Federal Office for Information Security
- IT security
- Cybercrime
- Cyberwar
- Russia
Additional Insights:
- According to reports, Russia has been involved in various cyber activities in the past, including espionage and sabotage.
- Germany, along with other NATO countries, remains vigilant against such cyber threats.
- The lack of detailed, up-to-date reporting about recent Russian cyber attacks against Germany from German news sources makes it difficult to provide specific information. However, past incidents share similarities with the cases reported by ntv.de, indicating a more extensive and ongoing pattern.
- The Commission, in its communication on the future of the European Union, has emphasized the importance of reinforcing the Union's cybersecurity, acknowledging the growing threats in the political, technological, and general-news spheres, particularly crime-and-justice.
- In light of the alarming increase in cyber attacks against German companies, especially those in the arms industry, the European Union's Network and Information Security (NIS 2) directive is expected to provide significant reinforcement to cybersecurity across critical infrastructure, such as airports and power plants, within the Union.
- The General Public Prosecutor's Office is conducting investigations on numerous occasions where Russian military intelligence service GRU is suspected of using cyber warfare tactics, including sabotage, as evidenced by the Leipzig airport incident and similar cases in Birmingham and Warsaw.
