The hacker attack on federal government and network information Verbund Bonn-Berlin (IVBB) was apparently part of a worldwide attack. As Süddeutsche Zeitung, NDR and WDR report without relying on specific sources, States should be affected in Scandinavia, South America and former Soviet states, including Ukraine. It is unclear which countries are exact ones.
if ( typeof AdController !== ‘undefined’ !window.Zeit.isMobileView()) { if ( !document.getElementById( ‘iqadtile8’ ) ) { var elem = document.createElement( ‘div’ ); elem.id = ‘iqadtile8’; elem.className = “ad ad-desktop ad-desktop–8 ad-desktop–8-on-article”; elem.setAttribute(‘data-banner-type’, ‘desktop’); elem.setAttribute(‘data-banner-label’, ‘Anzeige’); document.getElementById(‘ad-desktop-8’).parentNode.appendChild(elem); AdController.render(‘iqadtile8’); if ( window.console typeof window.console.info === ‘function’ ) { window.console.info(‘AdController ‘ AdController.VERSION ‘ tile 8 desktop’) } } } if ( typeof AdController !== ‘undefined’ window.Zeit.isMobileView()) { if ( !document.getElementById( ‘iqadtile3’ ) ) { var elem = document.createElement( ‘div’ ); elem.id = ‘iqadtile3’; elem.className = “ad ad-mobile ad-mobile–3 ad-mobile–3-on-article”; elem.setAttribute(‘data-banner-type’, ‘mobile’); document.getElementById(‘ad-mobile-3’).parentNode.appendChild(elem); AdController.render(‘iqadtile3’); if ( window.console typeof window.console.info === ‘function’ ) { window.console.info(‘AdController ‘ AdController.VERSION ‘ tile 3 mobile’) } } }
Previously, world, citing US security company FireEye, had reported that similar attacks had occurred throughout Europe. This was presumed to be attacks by group APT28, also known as Fancy bear: “We have been observing for several months that APT28 is targeting foreign and defence ministries in European Union and is trying to gain access to protected systems The paper of security expert Benjamin Read.
On Friday, Spiegel also reports on or previously unknown attacks, among ors on Berlin Foundation for Science and Politics (SWP). The attack began in December 2016 and was presumed to have been executed by APT28. The foundation is one of most influential German research institutes for foreign and security policy issues and advises Bundestag and federal government.
Was Federal Academy of Administration gateway?
According to current reports, however, behind attack on government network is not APT28, but group snake, also called Turla. Like APT28, she is also said to have a connection with Russian intelligence services. As several media report unanimously, reference to attack in Germany came from a foreign intelligence service. Snake has also been active for many years, among security experts, group’s malicious code is considered complex and highly developed. It is not hacker’s intention to use as much data as possible, but to search for specific keywords and information. This could explain why malware was not detected for a long time.
if ( typeof AdController !== ‘undefined’ !window.Zeit.isMobileView()) { if ( !document.getElementById( ‘iqadtile4’ ) ) { var elem = document.createElement( ‘div’ ); elem.id = ‘iqadtile4’; elem.className = “ad ad-desktop ad-desktop–4 ad-desktop–4-on-article”; elem.setAttribute(‘data-banner-type’, ‘desktop’); elem.setAttribute(‘data-banner-label’, ‘Anzeige’); document.getElementById(‘ad-desktop-4’).parentNode.appendChild(elem); AdController.render(‘iqadtile4’); if ( window.console typeof window.console.info === ‘function’ ) { window.console.info(‘AdController ‘ AdController.VERSION ‘ tile 4 desktop’) } } } if ( typeof AdController !== ‘undefined’ window.Zeit.isMobileView()) { if ( !document.getElementById( ‘iqadtile4’ ) ) { var elem = document.createElement( ‘div’ ); elem.id = ‘iqadtile4’; elem.className = “ad ad-mobile ad-mobile–4 ad-mobile–4-on-article”; elem.setAttribute(‘data-banner-type’, ‘mobile’); document.getElementById(‘ad-mobile-4’).parentNode.appendChild(elem); AdController.render(‘iqadtile4’); if ( window.console typeof window.console.info === ‘function’ ) { window.console.info(‘AdController ‘ AdController.VERSION ‘ tile 4 mobile’) } } }
On Wednesday it was known that attackers apparently had been able to penetrate federal safety net unnoticed for about a year. As with attack on Bundestag in year 2015, experts suspect that Russian hackers are behind attack. Accurate identification of hacker attacks is difficult. Russia has accusations of itself.
As research group continues to report, a total of 17 computers were to have been inattacked by Trojan. Citing “informed circles” it is said that malware was first introduced at end of 2016 on computer of Federal Academy of Public Administration and had slumbered re until January 15, 2017. On this date, program should have been activated from outside and started to spy on its surroundings. In March 2017, hackers succeeded in penetrating into Foreign Office. Data should also be drained. Which exactly is unknown.
The general attorney has commenced a preinvestigation against unknown for suspicion of intelligence agent activity.
