Summary: German federal agencies have warned about an increase in phishing attacks targeting political parties ahead of the European Union elections.
Threat Actor: Nation-state hackers
Victim: Political parties in Germany
Key Point :
- The Federal Office for Information Security (BSI) and the Federal Office for the Protection of the Constitution have attributed the attacks to nation-state hackers.
- The phishing attacks aim to steal data or documents and have raised the threat level for the targeted political parties.
- Mandiant, a security firm, previously warned about a Russian hacking campaign targeting German political parties.
- The Russian state-sponsored hacking group APT29, also known as Midnight Blizzard and the Dukes, is believed to be behind the campaign.
- The phishing attacks involve spoofed websites and emails designed to appear from IT support staff to trick victims into revealing their credentials.
- Similar warnings have been issued by Western intelligence agencies, including the disclosure of Chinese espionage activities targeting UK Parliament members.
- In response to the increased cyberattacks, Germany plans to revamp its military forces and create a specialized force for electronic warfare and cyberwarfare.
German federal agencies warned that phishing attacks targeting political parties surged ahead of upcoming European Union elections.
The Federal Office for Information Security, or BSI, and the Federal Office for the Protection of the Constitution on Thursday blamed nation-state hackers.
“An increase of attacks can currently be assumed, particularly in light of the upcoming European elections. These may include phishing attacks to publish stolen data or documents,” a BSI spokesperson told Information Security Media Group.
The spokesperson said the attacks have heightened the “threat level for the targets in focus,” and that the agency has contacted political parties about the dangers of potential hacks and leak campaigns.
The agency did not attribute the attacks to a specific country but confirmed that they are tied to a nation-state group.
The disclosure comes just weeks after security firm Mandiant warned of a Russian hacking campaign targeting political parties in Germany. The company attributed the campaign to the Russian state-sponsored hacking group it tracks as APT29, which has used emails designed to appear from the German Christian Democratic Union (see: Russian Nation-State Hacker Targets German Political Parties).
APT29, also known as Midnight Blizzard and the Dukes, operates out of the Foreign Intelligence Service.
Speaking to a German outlet, the agencies said hackers carried out a phishing attack using spoofed websites. The attackers sent victims emails that appeared to come from IT support staff in an apparent bid to harvest credentials.
Western intelligence agencies have made similar warnings. Recently, the British deputy prime minister revealed at least five members of the U.K. Parliament had been targeted as part of an espionage campaign that the country attributed to Chinese nation-state group APT 31 (see: UK Discloses Chinese Espionage Activities).
In a recent indictment unsealed by the U.S. Justice Department against suspected APT31 hackers, authorities revealed the group targeted multiple lawmakers across Europe.
Last year, German intelligence warned Russian and Chinese hackers were targeting critical infrastructure in the country. While the Russian attacks largely stemmed from Germany’s vocal support for Ukraine and focused on stealing intelligence on NATO activities, the agency said the Chinese threats were espionage activities intended to support Beijing’s Made in China 2025 plans.
In a move intended to shore up its defense capabilities in the wake of increased cyberattacks, German Defense Minister Boris Pistorius on Thursday announced plans to revamp the country’s military forces, which include creating a new force that specializes in electronic warfare and cyberwarfare.
“An interesting youtube video that may be related to the article above”