Are Russian hackers behind the Bundestag cyber attack?

Security experts involved in investigation on the attack against the Bundestag suspect that the hack was part of a large-scale espionage campaign backed by the Kremlin.

Last month, the German Bundestag suffered a serious cyber attack by unknown hackers, in the days following the incident the German parliament officially confirmed media reports about a hacking attack.

“There has been an attack on the IT systems of the Bundestag,” spokesman Ernst Habeker said in Berlin.

The experts of the Bundestag, the IT staff immediately started the investigation supported by the Government Office of Information Technology Security (BSI).

The IT staff at the Bundestag noticed that unknown hackers were trying to penetrate the internal network of the German Parliament.

“After SPIEGEL ONLINE information IT professionals Parliament had noticed already several days ago that the unknown trying to enter into the internal data network of the Bundestag.Apparently, the wanted hackers gain access to information from the computer system. Almost simultaneously also noted experts of the intelligence service in the Cyber Defence Centre of the Association the Spähversuch and warned the Bundestag Administration.” reported the German news agency.

A few days ago, the German Government confirmed that hackers who breached the Bundestag systems a couple of weeks ago have also stolen data from targeted network. A spokeswoman for the Bundestag, the Germany’s parliament, confirmed that unknown hackers have stolen data during the cyber attack, the investigators have uncovered several data leaks.

“A spokeswoman for Germany’s lower house of parliament, the Bundestag, confirmed that hackers had managed to steal data during the cyber attack two weeks ago. She described the detection of several data leaks.” reported the Germany’s international broadcaster Deutsche Welle.

Steffi Lemke, a representative of the Greens party, explained that the discovery of data leaks confirms that “the impact of the cyber attack on the Bundestag is worse than previously thought.”

“This attack reveals the Interior Ministry has completely missed out on establishing a functioning cyber defense,” Lemke said.

New revelations are circulating on the Internet regarding the cyber attack. The daily Der Spiegel speculates that the Russian Government is involved in the attack.  The Kremlin is the chief suspect in the hack of the Bundestag systems, despite the news is still not official, the news agency reported the opinion government representatives close to the Bundestag’s tech department.

“Behind the Cyber attack on the data network of the German Bundestag experts suspect Russian professional hackers. The SPIEGEL ONLINE learned from multiple sources familiar with the case. Thus, the German security authorities are now available clear indications that an authorship Russian cyber spies – point – perhaps a secret.” states the Der Spiegel website.

The attackers, likely Russian state-sponsored hackers, used a sophisticated strain of malware to violate the Bundestag network and syphon sensitive data. The experts that analyzed the malicious have found it similar to the malware used in a previous attack against on a German Government network occurred in 2014.

“The cyber attack on the “Parlakom” network was discovered in early May.At the parliamentary IT network 20,000 Bundestag accounts are connected – including German Chancellor Angela Merkel and other government officials.” continues the Der Spiegel.

The IT staff reported that the situation is slowly returning to normal.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –  State Sponsored hacking, Bundestag)