Share this article on:
After attributing a major political cyber attack to Russian state-sponsored actors, Germany has called on representatives from Russia to respond to the claims.
Last week, German Foreign Minister Annalena Baerbock said that investigations had unveiled that Russian state-sponsored threat group APT28 or Fancy Bear was responsible for an attack on the German Social Democratic Party in 2023,
“Today, we can say unambiguously we can attribute this cyber attack to a group called APT28, which is steered by the military intelligence service of Russia,” Baerbock said at a news conference in Australia last week.
“In other words, it was a state-sponsored Russian cyber attack on Germany, and this is absolutely intolerable and unacceptable and will have consequences.”
Now, Germany has summoned the acting representative of the Russian embassy to comment on claims that the same APT28 group, which is believed to be acting on behalf of the Moscow GRU, was behind a cyber espionage campaign dating back to 2022.
“We and our partners will not tolerate these cyber attacks and will use the entire spectrum of measures to prevent, deter and respond to Russia’s aggressive behavior in cyber space,” a German foreign ministry spokesperson said.
According to reports, the APT28 cyber espionage campaign saw threat actors exploit a vulnerability in Microsoft Outlook to compromise the email accounts of members of the German Social Democratic Party, as well as the defence, aerospace, IT and logistics sectors.
Additionally, when asked by Reuters, the German Interior Ministry directed the publication to a blog post that claimed Russian-based threat actors had been using malware known as GooseEgg to steal credentials as early as April 2019.
“The security gaps must be actively closed, and we are pushing for this to happen,” said the ministry.
Germany’s allies have been quick to back the country’s call out of Russia. When Germany accused Russia of being behind the 2023 Social Democratic Party attack last week, Australian Foreign Minister Penny Wong said that the nation was “deeply troubled” by the news of the attacks.
“Australia stands in solidarity with Germany in calling out states that act contrary to the norms of responsible state behaviour in cyber space,” said Wong after a meeting with Baerbock in Adelaide.
“We have previously joined the United States, UK, Canada, and New Zealand in attributing malicious cyber activity to APT28.”
Similarly, in reference to the 2022 cyber campaign, the German Interior Ministry said that Germany has been working in accordance with the EU and NATO.
Despite the call out, the Russian embassy is yet to respond.