German Chancellor Confirms Russian Cyberattack from 2015

News

German Chancellor Angela Merkel confirmed last week that hackers tied to the Russian military intelligence, GRU, have compromised her email accounts and those of other Bundestag lawmakers back in 2015.

May 18th, 2020
Cybercrime Police

Merkel was unusually critical of Russia while answering a lawmaker’s question about the results of an investigation into the 2015 Der Spiegel magazine report that claimed “email data were copied during a cyber attack on the German Bundestag.”

The chancellor said that such hacking attacks “certainly do not make it easier” to pursue improved ties with Moscow.

According to Der Spiegel, security experts believe that the attack was carried out by the so-called Fancy Bear or APT 28, also known as Sofacy Group, tied to Russia's secret service.

“I can honestly say, it pains me,” Merkel told the Bundestag.

She added that on one hand she strives daily for a better relationship with Russia, “but then on the other we see that there is solid evidence showing that Russian forces are also involved in such activities.”

“This really does add tension to our work towards and our desire for better relations with Russia,” she said.

“I find it quite uncomfortable,” Merkel said.

Russia has been denying any ties to the cyberattacks, with media still reminding on a rather ironic statement of the Russian Foreing Ministry’s Spokeswoman Maria Zakharova, who said two years ago that Russians “broke into the Bundestag only once, in 1945, while liberating Berlin from the Nazi scourge.”

Russian Foreign Minister Sergey Lavrov called Merkel’s allegations “baseless,” in an interview with the Russian media outlet RBK.

He reminded on the 2013 case of Edward Snowden, when the US whistleblower leaked US National Security Agency’s classified documents, according to which the US was wiretapping Merkel.

“Just a year later, German prosecutor closed the case, as they could not prove the allegations,” Lavrov said.

The same, as he added, will happen with the alleged Russian involvement in hacker attacks, as “there is no evidence.”

Merkel said that the official investigation resulted in a warrant issued against one suspect. Earlier this month German newspaper Sueddeutsche Zeitung identified him as Dmitriy Badin - the same Russian operative wanted by the FBI for hacking into Hillary Clinton’s and the Democratic Party’s email servers four years ago.

The Department of Justice indicted Badin in 2018 together with another 11 Russian military intelligence officers “for their alleged roles in interfering with the 2016 United States elections.”

According to the FBI, Badin is accused of “a computer hacking conspiracy involving gaining unauthorized access into the computers of US persons and entities involved in the 2016 US presidential election, stealing documents from those computers, and staging releases of the stolen documents to interfere with the 2016 US presidential election.”

A federal grand jury sitting in the District of Columbia indicted the 12 for “aggravated identity theft, false registration of a domain name, and conspiracy to commit money laundering.”

The Bundestag and the US Democrats, according to Der Spiegel’s 2015 report, were not the only targets of the Fancy Bear aka APT 28 aka Sofacy Group, as the Russian cyber intelligence “successfully attacked ex-Soviet foreign and internal ministries, Eastern European governments and military institutions, as well as NATO and the White House.”

Germany’s investigation and the warrant against Badin, as Merkel indicated, doesn’t change her assessment of Russia’s tactics, saying that was the latest piece of evidence for a Russian strategy of “hybrid warfare, which includes warfare in connection with cyber, disorientation and factual distortion.”

“It is not a coincidence, it is absolutely a strategy they're pursuing,” she said.