Cyberattack 'ongoing' against German government network

"It is a real cyberattack on part of the government system. It's an ongoing process, an ongoing attack," said Armin Schuster. (Photo: AFP/John MacDougall)

"It is a real cyberattack on parts of the government system. It's an ongoing process, an ongoing attack," said Armin Schuster, chairman of the committee, adding that no further details could be given to avoid passing crucial information on to the attackers.

Interior Minister Thomas de Maiziere said the hacking was "a technically sophisticated attack that had been planned for some time", adding that it had been brought under control.

The highly professional assault had been monitored by the security agencies in order to gain insights into the mode of attack and its targets, said de Maiziere.

German news agency DPA had reported Wednesday, quoting unnamed security sources, that the group of Russian hackers blamed for hitting the German parliament's IT system in 2015 had now infiltrated a broader government network that includes the foreign and interior ministries.

It said the hacker group known as APT28 - which has been linked to Russia's GRU military intelligence agency and accused of attacks on Hillary Clinton's 2016 presidential campaign - managed to plant malware in the ministries' networks for possibly as long as a year.

German security authorities only detected the online spying in December, the report said.

Konstantin von Notz, deputy of the committee, complained it was "completely unacceptable" that members of the oversight body only learnt of the attack through the media.

RUSSIAN HACKERS

Top security officials had repeatedly warned during Germany's 2017 general election campaign that Russian hackers may seek to influence or disrupt the polls.

While authorities did not have concrete proof, they have blamed the malware attack that crippled the Bundestag parliamentary network in 2015 for days on the APT28, also known as "Fancy Bear" or "Sofacy".

The attack netted 17 gigabytes of data which, officials feared, could be used to blackmail MPs or discredit them.

In a separate assault, several German political parties were in September 2016 sent fake emails purporting to be from NATO headquarters which contained a link that installed spying software on victims' computers.

The emails affected party operations such as a regional network of Chancellor Angela Merkel's Christian Democratic Union and the federal offices of the far-left Die Linke party.

Amid the rising frequency of attacks, Germany's defence ministry in 2016 set up a cyber department to coordinate the response to online intrusions.

Merkel, seeking to prepare the German public for more online attacks, has said people should "not allow themselves to be irritated" by such rogue operations.

"You just have to know that there's such a thing and learn to live with it," she said.