Germany blocked two cyber attacks from ‘Fancy Bear’ last year

Last year, the German government reportedly warded off two cyber attacks from a Russian hacker group dubbed ‘Fancy Bear’, also known as APT28.

The first attack occurred in May 2016 and involved an attempt to create an Internet domain for the incumbent Christian Democratic Union (CDU) party in the Baltic region.

The second attack, several months later, used a spear-phishing scheme targeted at German parties in the Bundestag, the lower house of parliament. According to Arne Schoenbohm, president of the Federal Office for Information Security, the attack used a NATO domain and attempted to inject malicious software into the networks of German politicians.

Russian electioneering

In December last year, Germany’s intelligence agency, the BfV, warned the government of the increased risk that Russian hackers presented.

It discussed the alarming rise in Russian propaganda and disinformation campaigns, as well as the “growing evidence for attacks to influence the federal election next year”.

Two weeks before the BfV’s warning, WikiLeaks published secret files that are thought to have been accessed during a previous cyber attack on the Bundestag in 2015. The files, dating from early 2014 to January 2015, came from a committee investigation into whether the US National Security Agency (NSA) had spied on German politicians.

The intrusion into political information follows a trend of hacks that have been attributed to Russian state-sponsored hackers in general and Fancy Bear – a group widely believed to be associated with the Russian government – in particular.

Fancy Bear is also one of two groups behind last year’s attack on the US Democratic National Committee in what is believed to have been an attempt to help Donald Trump’s presidential campaign.

Europe responds to threats

Following a series of attacks on governments, countries across Europe are stepping up their cyber defences. In particular, Germany and France – who will both hold elections this year – are preparing for hacking attempts and misinformation campaigns.

Earlier this year, Italy and the Czech Republic confirmed breaches to their foreign ministries, both accusing Russian state-sponsored hackers.

Meanwhile, the UK government recently opened its National Cyber Security Centre (NCSC), part of a five-year strategy to improve its cyber defences.

Staying secure

Not all organisations should be concerned about becoming victims of state-sponsored hacking, but they should all be aware of the risks that insufficient cyber defences can present.

The best way to ensure your organisation’s security is to implement an information security management system (ISMS), as set out in the international best-practice standard ISO 27001.

ISO 27001 covers people, processes and technology, recognising that information security isn’t about technology alone. An ISO 27001-compliant ISMS will also help organisations meet the requirements of the EU General Data Protection Regulation (GDPR), which will come into effect on 25 May 2018.

To help your business implement an ISO 27001-compliant ISMS, IT Governance offers a range of fixed-price packaged solutions. Each provides a combination of products and services that can be accessed online and deployed anywhere in the world.

Find out more about our ISO 27001 packaged solutions >>

Leave a Reply

Your email address will not be published. Required fields are marked *