German Government Servers Pwned…. Data Swiped…. Perhaps By The Russians

The German government has confirmed that it has identified a serious attack against its servers. Allegedly data was swiped as part of of the pwnage. The culprits according to reports are APT28 which are also known as the Fancy Bear hacking group which is Russian linked:

The group used malicious software to target German federal agencies, including the foreign and defence ministries. Hackers were able to steal data but the extent of the breach was still under investigation, the sources told dpa.

The German chancellery and the Federal Court of Auditors were also said to be among the sites compromised.

German security agencies recognized the cyberattack in December and have been trying to determine how far the group was able to penetrate into the government computer networks. The infiltration likely lasted more than a year.

The Interior Ministry confirmed the cyberattack without commenting on who perpetrated it, saying it was “isolated and brought under control.”

“The incident is being treated as a high priority and with substantial resources,” spokesman Johannes Dimroth said, adding that “government information technology and networks” had been hit.

Germany and Russia aren’t the best of friends. This incident isn’t going to help that. But there’s another piece to this. This attack may have gone on for at least a year. So that implies that not one IT security guy in the German government had any idea that they’d been pwned? It also implies that that nobody looked at either the firewall appliances or the logs for a whole year, or bothered to look for anything unusual?

I think that says more about their security than Fancy Bears skill.





Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: