15 June 2015

Cyber Penetration of German Parliament Computers Traced to Two Malware-Laden Email Links

Deutsche Welle 
June 12, 2015 

Emails blamed for Bundestag cyber-attack 

Germany’s Bundestag administration ran into cross-party criticism on Friday for delaying notification of the cyber-intrusion. Some officials were reportedly alerted on May 12, but parliamentarians were only informed on Thursday. 

The “Welt” newspaper quoted security service sources on Friday as saying a link contained in the emails sent users to a website containing malicious software. It then installed itself secretly on Bundestag computers used by parliamentarians and their staff. 

The so-called Trojan was similar to the one that disabled the French television station TV5 Monde in April.

Issue ignored? 

Opposition Greens spokesman on network policy Konstantin von Notz told German public television channel ZDF that Chancellor Angela Merkel’s governments had “slept” on the issue in recent years. 

Stephan Mayer, one of Merkel’s conservative Bavarian allies, told the mass-market daily “Bild” that the Bundestag administration had reacted inadequately. 

“In view of the seriousness of the attack, information should have been prompter and more insistent,” Mayer said. 

Infrastructure safeguards 

The disclosures in Berlin were to coincide on Friday with a long-scheduled Bundestag debate on stricter Internet precautions for Germany’s infrastructure supplies such as energy utilities, transport services and banks. 

In his warning on Thursday, the Bundestag’s administrative president, Norbert Lambert, a conservative ally of Merkel, said he was confident that “massive” intrusion could be overcome. 

A partial overhaul the parliament’s network could be necessary, Lambert added. 

The “Berliner Zeitung” newspaper said the Bundestag’s communications technology committee was briefed on May 21 about the attack by Michael Hange, the head of the Federation Office for Information Security (BSI). 

The attackers had managed to obtain administrator rights for parliament’s “complete” electronic infrastructure, the newspaper said. 

German domestic intelligence service head Hans-Georg Maassen said on Thursday during a cyber conference in Potsdam that the intrusion at the Bundestag could have come from a “foreign intelligence service.” 

Maassen did not speculate on a possible source of the attack. 

No comments: