German Intelligence Warns of Russian Cyber Attack on Critical Infrastructure
The heads of Germany’s Federal Intelligence Service (BND) and the Federal Office for the Protection of the Constitution (BfV) have issued a warning about a large-scale cyber attack by a special unit of the Russian GRU intelligence agency. The reported targets include railway lines and border crossings, as well as airports and seaports, according to a report in the Welt am Sonntag.
The BND president, Bruno Kahl, stated that it is often difficult to identify the perpetrators of cyber attacks on Western infrastructure, but in this case, it is clear that the attacks come from the Russian military intelligence agency GRU and its cyber warriors, referring to a group known as APT 28.
According to the services, the attacks are now primarily targeting logistics and transportation companies that are involved in aid deliveries to Ukraine. APT 28 is also believed to have infiltrated surveillance cameras at corresponding locations in Ukraine and its neighboring countries to monitor aid deliveries and enable potential sabotage attacks.
“Russia is acting as a hybrid aggressor and has a wide range of tools at its disposal, including cyber attacks, which can have a significant impact on Germany. We are currently observing a wave of attacks by APT 28” said BfV Vice President Sinan Selen to the Welt am Sonntag.
Former BND President Gerhard Schindler advocates for counterattacks, also known as hackbacks, stating that the ability to recognize problems is good, but the ability to combat them is not keeping pace with the threat level. It is unacceptable, he said, that security authorities are not allowed to retaliate after recognizing IT attacks and are instead limited to simply monitoring them.
Günter Heiß, a former coordinator of the German government’s intelligence services, said that the discussion of hackbacks has already taken place and that if the legal basis were created, it would be a legitimate means of responding to cyber attacks. He urged the government to take quick action, as relying solely on allied intelligence services to counter cyber attacks is not sufficient and can be too late once critical infrastructure is taken down.
Günter Krings, the deputy chairman of the CDU/CSU parliamentary group, also emphasized the need for better cyber defense, including the development of digital resilience and the creation of a legal framework for hackbacks. “If a continuous digital attack has severe consequences for people or central state functions, then the state must be enabled to actively interrupt this attack” he said.
The current coalition agreement between the Union and the SPD does not mention hackbacks, unlike the previous agreement of the failed grand coalition, which stated that hackbacks are fundamentally rejected as a means of cyber defense. The new agreement instead calls for the development of a cyber security strategy with the goal of a clear distribution of roles and responsibilities.
Konstantin von Notz, the vice chairman of the Green parliamentary group and the chairman of the parliamentary control committee, warned that Germany is not adequately prepared for Putin’s hybrid war and that the warnings of the security authorities, including the presidents of the intelligence services, are not new and the government has not adequately addressed the great and pressing challenge.
Niedersachsen’s Interior Minister, Daniela Behrens, called for the authorities to work more closely together to counter cyber attacks, as many attacks cross national borders and often involve information from foreign partners. She emphasized the importance of international cooperation in this field, which is “unconditional and must be continued.