“It is a real cyberattack on parts of the government system. It’s an ongoing process, an ongoing attack,” said Armin Schuster, chairman of the committee, adding that no further details could be given to avoid passing crucial information on to the attackers.
Interior Minister Thomas de Maiziere said the hacking was “a technically sophisticated attack that had been planned for some time”, adding that it had been brought under control.
The highly professional assault had been monitored by the security agencies in order to gain insights into the mode of attack and its targets, said de Maiziere.
German news agency DPA said Thursday, a day after first reporting the attack, that the likely authors were the Russian cyber espionage group “Snake”, citing unnamed security sources.
Also known as “Turla” or “Uruburos”, the group, which targets state departments and embassies worldwide, is believed to have links to Russian intelligence, according to German media.
DPA had earlier pointed at the Russian hacker group APT28, which has been accused of attacks on Hillary Clinton’s 2016 presidential campaign as well as on Germany’s parliamentary IT system in 2015.
German security authorities had only detected the online spying in December, DPA has reported, adding that it had infiltrated the systems of the foreign and interior ministries.
Konstantin von Notz, deputy of the committee, complained it was “completely unacceptable” that members of the oversight body only learnt of the attack through the media.
– Russian hackers –
Top security officials had repeatedly warned during Germany’s 2017 general election campaign that Russian hackers may seek to influence or disrupt the polls.
While authorities did not have concrete proof, they have blamed the malware attack that crippled the Bundestag parliamentary network in 2015 for days on the APT28, also known as “Fancy Bear” or “Sofacy”.
The attack netted 17 gigabytes of data which, officials feared, could be used to blackmail MPs or discredit them.
In a separate assault, several German political parties were in September 2016 sent fake emails purporting to be from NATO headquarters which contained a link that installed spying software on victims’ computers.
The emails affected party operations such as a regional network of Chancellor Angela Merkel’s Christian Democratic Union and the federal offices of the far-left Die Linke party.
Amid the rising frequency of attacks, Germany’s defence ministry in 2016 set up a cyber department to coordinate the response to online intrusions.
Merkel, seeking to prepare the German public for more online attacks, has said people should “not allow themselves to be irritated” by such rogue operations.