The federal government has imposed a strict news ban on attack on parts of government network. Hardly anyone dares to say anything about hack of IVBB ( Information Network Berlin-Bonn). It is not to be known more than things that Ministry of Interior announced. This only remains to analyze little information that has been backed up so far. And language of official statements is particularly noticeable.

if ( typeof AdController !== ‘undefined’ !window.Zeit.isMobileView()) { if ( !document.getElementById( ‘iqadtile8’ ) ) { var elem = document.createElement( ‘div’ ); elem.id = ‘iqadtile8’; elem.className = “ad ad-desktop ad-desktop–8 ad-desktop–8-on-article”; elem.setAttribute(‘data-banner-type’, ‘desktop’); elem.setAttribute(‘data-banner-label’, ‘Anzeige’); document.getElementById(‘ad-desktop-8’).parentNode.appendChild(elem); AdController.render(‘iqadtile8’); if ( window.console typeof window.console.info === ‘function’ ) { window.console.info(‘AdController ‘ AdController.VERSION ‘ tile 8 desktop’) } } } if ( typeof AdController !== ‘undefined’ window.Zeit.isMobileView()) { if ( !document.getElementById( ‘iqadtile3’ ) ) { var elem = document.createElement( ‘div’ ); elem.id = ‘iqadtile3’; elem.className = “ad ad-mobile ad-mobile–3 ad-mobile–3-on-article”; elem.setAttribute(‘data-banner-type’, ‘mobile’); document.getElementById(‘ad-mobile-3’).parentNode.appendChild(elem); AdController.render(‘iqadtile3’); if ( window.console typeof window.console.info === ‘function’ ) { window.console.info(‘AdController ‘ AdController.VERSION ‘ tile 3 mobile’) } } }

Interior Minister Thomas de Maizière said: “It is a success that hacker attack on network of federal government could be isolated and brought under control.” The attackers were “monitored by German security authorities”. Ole Schroeder, state Secretary at Ministry of Interior, was quoted as saying that attack had been “fully monitored at all times”.

Armin Schuster, chairman of parliamentary Body for control of intelligence services, was even more cautious. He said after a special session of PKGr, ” federal government is trying to keep process under control”.

Control of attack, attempt of control. It is refore a matter of preventing furr spread. There is no mention of fact that attack has ended, that malware could be made harmless. Obviously, this has not yet been achieved.

if ( typeof AdController !== ‘undefined’ !window.Zeit.isMobileView()) { if ( !document.getElementById( ‘iqadtile4’ ) ) { var elem = document.createElement( ‘div’ ); elem.id = ‘iqadtile4’; elem.className = “ad ad-desktop ad-desktop–4 ad-desktop–4-on-article”; elem.setAttribute(‘data-banner-type’, ‘desktop’); elem.setAttribute(‘data-banner-label’, ‘Anzeige’); document.getElementById(‘ad-desktop-4’).parentNode.appendChild(elem); AdController.render(‘iqadtile4’); if ( window.console typeof window.console.info === ‘function’ ) { window.console.info(‘AdController ‘ AdController.VERSION ‘ tile 4 desktop’) } } } if ( typeof AdController !== ‘undefined’ window.Zeit.isMobileView()) { if ( !document.getElementById( ‘iqadtile4’ ) ) { var elem = document.createElement( ‘div’ ); elem.id = ‘iqadtile4’; elem.className = “ad ad-mobile ad-mobile–4 ad-mobile–4-on-article”; elem.setAttribute(‘data-banner-type’, ‘mobile’); document.getElementById(‘ad-mobile-4’).parentNode.appendChild(elem); AdController.render(‘iqadtile4’); if ( window.console typeof window.console.info === ‘function’ ) { window.console.info(‘AdController ‘ AdController.VERSION ‘ tile 4 mobile’) } } } Defensive operation still running

“The federal government’s emergency measure is still running,” Stephan Thomae said time online. He is a member of Parliamentary Control Committee (PKGR) for FDP group. The authorities involved could not yet say wher y had already found any hideout of attackers, computers of affected network would still be searched.

Thomae thus supplemented a statement by Schuster. After PKGr session, he had said that attack on government network was not over yet, it was a “still running” cyberattack. But not attack itself was meant by Schuster, said Thomae, but defensive operation. She’s not over yet.

Detecting a spy attack on a computer network is only first step. Then every computer, every software must be checked to see if it has been infected. Only n can affected systems be cleaned or re-installed. In an attack on such sensitive systems, authorities also have a great interest in learning as much as possible about attackers – by watching m and by analyzing attack tools and methods.

“Particularly reprehensible secret treachery”

Obviously, relevant federal Office for Security in Information technology is still working on second step. Or, as Thomae said, “We can’t be sure yet wher tumor was really out of surgery.”

This explains why official bodies reacted so unwell after attack on IVBB became known.

It is a “particularly reprehensible secret treachery which has led to fact that facts became public”, said Stephan Meyer, internal political spokesman of Union Bundestag group in Bundestag, time online. It must be prosecuted who leaked it. And also Thomae finds that it is not just a scandal that re was a security breach in secure network of authorities. But it is also a scandal that re has been a tipster that made case public before emergency measures could have been terminated.

The whole thing sounds like it’s a bigger operation. And it sounds as though control is not quite as perfect as interior Minister de Maizière wants to make believe. On one hand, a cobbler’s formulation suggests an attempt at control. On or, but also statement by Schroeder, Secretary of interior. Schroeder had said that attacker had been “fully controlled by security authorities at all times”.

Under control at all times?

This “at any time” but attracts André Hahn from Left party in doubt. He is also a member of PKGr. You can only control a hacker attack if you have knowledge of it, Hahn wrote in a statement. I would like to inform Mr Schroeder once again, “when attack has actually started after current level of knowledge and when federal government has heard of it. Only from n on could measures be taken. “

This suggests that two data are not congruent. That would also explain message lock. On one hand, it should protect still-ongoing search for attackers so that y do not hide even deeper in IVBB – and attackers, after media attention in Germany, can probably think long ago that y are looking for m.

On or hand, muzzle should give impression that BSI and Ministry of Interior have everything under control. There is evidence to doubt it.