Enlarge image
Special situation report by the Federal Office for Information Security (BSI): »Attack on high-value targets«
Photo: Kacper Pempel/ REUTERS
Germany could soon become the target of further cyber attacks in connection with the Russian invasion of Ukraine.
According to SPIEGEL information, this emerges from a special situation report by the Federal Office for Information Security (BSI).
Accordingly, the BSI has information from a "trustworthy partner" that an attack against "high value targets" could be imminent.
The information probably came from abroad via the German cyber defense center to the BSI.
Since the beginning of the crisis and German support for Ukraine with arms deliveries and sanctions against Russia, cyber attacks, for example against energy suppliers or military facilities, have been considered by security circles to be the greatest threat to Germany at the moment.
The Federal Office for the Protection of the Constitution also warns of an increased risk in a paper.
In addition to critical infrastructure, the Russian secret services also had the ability to "considerably and permanently sabotage" political operations.
Germany has long been the focus of hacker groups
Shortly after the beginning of the war, there was a wave of attacks in Germany by the »Ghostwriter« hacker campaign, which was allegedly controlled by Russian services.
"Due to renewed, current attacks by ghostwriters in March 2022 against people in Germany, special caution is required," says a security advisory from the authority to representatives of the German economy.
The hackers try to gain access to e-mail accounts with so-called phishing e-mails.
The Federal Office warns that the lure mails are currently coming from the harmless-sounding address t-online.de@comcast.net.
According to the Office for the Protection of the Constitution, "ghostwriters" have "successfully captured data from elected officials and other political targets" in the past.
These could possibly be made public via so-called hack and leak operations and misused for disinformation campaigns.
According to the authority, there is also a risk that attackers will hijack journalists' news portals or social media accounts in order to spread false reports via these channels.
The German security authorities assume that "Ghostwriter" is controlled by Vladimir Putin's military intelligence service GRU.
US authorities also warn
A cyber attack on the KA-SAT satellite network in Central and Eastern Europe caused collateral damage in Germany at the end of February when the remote control of numerous wind turbines failed.
It is not yet known who is behind this attack.
The US IT security authority is also warning companies in the country to prepare for increasing hacker attacks in view of the escalation in Eastern Europe.
In response to this, three important IT security companies in the USA have apparently announced that they want to protect particularly vulnerable companies in the critical infrastructure for four months free of charge.
According to the Washington Post, the companies offer Cloudflare, Crowd Strike and Ping Identity to hospitals, energy producers and water utilities to protect them from counterattacks from Russia.
hpp/rol/rom/wow
