German cyber defense body defends itself over massive breach
January 6, 2019
Germany's Federal Office for IT Safety (BSI) has said that it had only become aware of a massive data breach affecting hundreds of lawmakers on Friday, several weeks after a lawmaker had told BSI officials about suspicious activity on personal accounts.
"Everybody assumed it was an isolated case," the BSI said. "Only by becoming aware of the release of the data sets via the Twitter account 'G0d' on January 3, 2019, could the BSI in a further analysis on January 4, 2019 connect this case and four other cases that the BSI became aware of during 2018," it added.
BSI head Arne Schönbohm said Friday that the agency had spoken with "some lawmakers" affected by the breach in early December. The statement prompted outrage among other hacking victims, who assumed BSI had known about the issue and failed to inform them.
Read more: Six hack attacks that shook the world
Anger at BSI
"I am outraged that I am learning about the data leak from the media, even though I am a member of the parliament's Intelligence Oversight Committee and Home Affairs Committee," Left party lawmaker Andre Hahn told the media group Redaktionsnetzwerk on Saturday.
Günter Krings, a conservative lawmaker from the Christian Democrats, also criticized authorities. "The obligation of the federal government to inform parliament also applied between Christmas and New Year," he told the Rheinische Post newspaper.
Lars Klingbeil, the general secretary of the Social Democrats, demanded that it must be quickly and precisely cleared up "which authority knew what and when, and what was the response." In comments to the Funke media group on Sunday, Klingbeil complained of "confusion among security authorities," including Interior Minister Horst Seehofer.
Bundestag Vice President Thomas Oppermann of the Social Democrats slammed the BSI's negligence.
"It is outrageous that stolen data was present for days on the internet and the competent authority did nothing to inform and protect those affected," Oppermann told Bild am Sonntag newspaper, adding that there were "obviously serious shortcomings in the coordination of the security authorities."
<div class="opinary-widget-embed" data-poll="can-governments-prevent-future-cyber-att" data-customer="deutschewelleeng"></div> <script async type="text/javascript" src="//widgets.opinary.com/embed.js"></script>
Massive security breach
The security breach, uncovered by journalists on Thursday, targeted all of Germany's political parties currently represented in the federal parliament except for the far-right Alternative for Germany (AfD). It also impacted the European, German and state parliaments as well as municipal officials and celebrities.
Read more: Germany detects new cyberattack targeting politicians, military
Data published on Twitter starting in early December included mobile phone numbers, contact info and credit card details from members of Germany's major parties. The leak also included banking and financial details, ID cards and private chats.
Among the apparent targets were Chancellor Angela Merkel and President Frank-Walter Steinmeier. Merkel's successor at the helm of the CDU party, Annegret Kramp-Karrenbauer, was also targeted.
German movie star Till Schweiger and comedian Jan Böhmermann were also hit by the hacking attack, along with several other celebrities.
BSI: Not our responsibility
A preliminary review of the documents discovered no sensitive government information had been released and government networks were not accessed, according to the BSI.
The agency also said it was not responsible for protecting the data that had been compromised. "The BSI can only act in an advisory capacity and provide support when it comes to securing party or private communication between lawmakers," it said.
Most of the data stems from private and personal accounts of the victims, according to the agency.
Berlin was now looking into tougher security regulations for software manufacturers and internet platforms, Germany's Justice Minister Katarina Barley told Die Welt newspaper.
'Alarming,' but not surprising
Social Democrat parliamentarian Helge Lindh was one of the victims of the attack. He told DW that although the hack was "alarming," he was not surprised it happened.
"There is evidence of a number of phishing attacks and data leaks collected over a sustained period of time," he said. "It is shocking that politicians are so vulnerable, and it is our task to improve security."
The documents were posted online as early as December by a Hamburg-based Twitter account that released them in an Advent calendar style. The Twitter account describes itself with labels such as security research, artist and satire. The account has since been suspended.
The authenticity of the leaked data could not be immediately verified and no discernible pattern could be detected to the leaked documents. There is currently no known suspect or motivation.
kw, cw/cmk (dpa, Reuters, AFP, AP)