The German Foreign Ministry has expressed concern over new reports of hacking 'by Russia-linked' actors, saying that it would await the results of a formal investigation before making any "conclusions" or announcing countermeasures.
"Everyone is aware of the reports about hacker attacks. This causes concerns. These are not the first reports, there have been some hack attacks in the past. The latest attack is currently under investigation. We will make conclusions and announce which measures will be implemented after we receive the results," Foreign Ministry spokeswoman Andrea Sasse told reporters on Monday.
The Ministry's statement follows reports by German media late last week alleging that seven Bundestag MPs and 31 members of regional parliaments had been affected by a hacking blamed on Russia's GRU military intelligence agency.
According to Spiegel magazine, hackers belonging to a hacking campaign known as 'the Ghostwriters', supposedly linked to the GRU, targetted politicians belonging to Chancellor Angela Merkel's Christian Democratic Union (CDU) and its grand coalition partner - the German Social Democratic Party (SPD), as well as several dozen activists. The hack attack reportedly worked by using phishing emails.
It's not clear whether any data has been leaked.
Unnamed "security authorities" told Spiegel that the same group was behind the Bundestag hack of 2015, which reportedly led to the theft of over 16 gb of data from a parliament computer. Last year, German prosecutors issued an arrest warrant for a Russian national it accused of involvement in the hack.
The 2015 hacking allegations caused a diplomatic spat between Russia and Germany, with Berlin summoning Russia's ambassador and slapping sanctions on entities it claimed were responsible. Russia vocally denied claims of involvement in the 2015 attack, with Foreign Minister Sergei Lavrov saying that Berlin had failed to present Moscow with any substantive evidence of a Russian trace. In December, Moscow responded to German sanctions by slapping entry bans on top German security and intelligence officials.
Hacking attacks - and allegations about them, have long become a mainstay of broader geopolitical and economic disputes between nations and large corporations. Attribution of such attacks has been made difficult by threat actors' ability to 'spoof' victims - that is, to make it appear that an attack is coming from one entity or country while in reality being carried out from somewhere else. Last year, veteran cryptographer and National Security Agency whistleblower Bill Binney explained to Sputnik that US intelligence agencies have the technical capability to spoof attacks to make them appear as if they're coming from China, Russia, Iran, North Korea, or the Arab world, with the software suite, known as the Marble Framework, presumably coming in handy to artificially set countries up against one another. Other countries are believed to have similar capabilities.