German Election body hit by a cyber attack

A spokesman for the authority running Germany’s September 26 general election confirmed that hackers briefly disrupted its website last month.

Threat actors last month hit the website of the authority running Germany’s September 26 general election, reported AFP. According to a spokesman for the organization, the attack took place at the end of August and caused temporary disruption of the service.

“At the end of August the website of the Federal Returning Officer only had limited accessibility for a few minutes due to a malfunction,” said a spokesman for the body. “The problem was analysed and the technical concepts were further developed accordingly. The information for the public through the website of the Federal Returning Officer was and is ensured.”

The website, which was used to publishes the official results of the vote, was hit by a distributed denial of service attack.

The attack did not impact the IT infrastructure used to manage the election due to the defense implemented by the government technicians.

The federal prosecutor’s office launched an investigation into the incident. Government officials recently blamed Russian state-sponsored hackers of cyber espionage on MPs.

Early September, Germany has formally protested to Russia over a series of cyber attacks aimed at stealing data from lawmakers that could be used to arrange disinformation campaigns before the upcoming German election.

The spokeswoman for the Foreign Ministry, Andrea Sasse, said that threat actor tracked as Ghostwriter has been “combining conventional cyberattacks with disinformation and influence operations.” in attacks against Germany.

The alleged state-sponsored hackers conducted phishing attacks against federal and state lawmakers to steal their personal login details.

“These attacks could serve as preparations for influence operations such as disinformation campaigns connected with the parliamentary election,” Sasse told reporters in Berlin.

“The German government has reliable information on the basis of which Ghostwriter activities can be attributed to cyber-actors of the Russian state and, specifically, Russia’s GRU military intelligence service,” she added. It “views this unacceptable activity as a danger to the security of the Federal Republic of Germany and for the process of democratic decision-making, and as a severe strain on bilateral relations.”

The government of Berlin calls on the Kremlin to immediately halt these campaigns. The German government considers the attacks completely unacceptable and warns of a possible response if they will not end.

In March, German newspaper Der Spiegel revealed that email accounts of multiple members of the German Parliament (Bundestag) were targeted with a spearphishing attack. The attackers are suspected to be hackers of the tracked as Ghostwriter group that works under the control of the Russian military secret service GRU.

In July, the head of Germany’s domestic intelligence agency confirmed that phishing attacks targeted the private email accounts of federal and state lawmakers and their staff.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, German Election)

[adrotate banner=”5″]

[adrotate banner=”13″]