Pierluigi Paganini November 30, 2016

German politicians fear Russian interference in the next election after the cyber attack that hit at least 900,000 routers.

During the weekend an improved version of the Mirai Botnet caused serious connectivity problems to at least 900,000 routers of the Deutsche Telekom.

Just after the attack, some experts speculated the involvement of Russian hackers behind the botnet that powered it.

The Government of Berlin fears possible interference of Russian nation-state hackers with the 2017 German election.

The attack demonstrated once again how much vulnerable it modern society to cyber threats, which then can also interfere with a political election. German politicians fear the Kremlin’s cyber capabilities. The alleged Russian interference in the US Presidential election is unleashing a domino effect and insinuating the fear in governments.

“I don’t have any concrete information about the origin of the attacks on the Telekom network,” Chancellor Angela Merkel said on Tuesday in Berlin. “Let me just say that such cyberattacks, or ‘hybrid attacks’ as they’re known in Russian doctrine, are part of everyday life today, and we need to learn to deal with them.”

State-sponsored hackers or non-nation state actor?

Even if the attack was launched by Russian hackers its attribution still remains the biggest problem to solve. Governments need to properly manage such kind of situation through the definition of norms of state behavior that can deal with cyber attacks launched by both categories of threat actors.

The Germany’s Interior Minister Thomas de Mazière expressed a great concern for explicitly blaming Moscow.

“It’s possible that we can’t clearly distinguish between criminal activities launched from a certain country and state activities,” Maizière declared at a conference of federal state interior ministers in Saarbrücken, when asked if Moscow was responsible for the attacks against the German routers.

The new president of German intelligence service (BND), Bruno Kahl, confirmed that foreign hackers can try to launch cyber attacks in the attempt to “delegitimize the democratic process” in the country.

“In an interview with the Süddeutsche Zeitung newspaper, Bruno Kahl – the new president of German intelligence service, the BND – complained about hackers trying to “delegitimize the democratic process as such” and said he had “indications” that the hacks “came from certain quarters,” namely Russia. And the Telekom hack is by no means the only attack of its kind in Germany.” reported DW.com.

The daily Der Spiegel speculated that the Russian Government was involved in the attack occurred in May 2015.  The news agency reported the opinion government representatives close to the Bundestag’s tech department.

“Behind the Cyber attack on the data network of the German Bundestag experts suspect Russian professional hackers. The SPIEGEL ONLINE learned from multiple sources familiar with the case. Thus, the German security authorities are now available clear indications that an authorship Russian cyber spies – point – perhaps a secret.” states the Der Spiegel website.

The attackers, likely Russian state-sponsored hackers, used a sophisticated strain of malware to violate the Bundestag network and syphon sensitive data. The experts that analyzed the malicious have found it similar to the malware used in a previous attack against on a German Government network occurred in 2014.

“We have indications that hacker groups from Russia are active in this area, but we also know what foreign intelligence services are capable of,” Social Democratic Bundestag deputy Lars Klingbeil told Deutsche Welle. “For me this shows that we really need to protect ourselves structurally. Looking ahead to the national elections next year, this could become a major issue.”

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –Russian interference, hacking)