Berlin, US blame Russia for cyber attack on SPD
Admin I Friday, May 02, 2023
BERLIN – Germany and the United States of America today blamed Russia for the 2023 cyber attack on the centre-left Social Democrats, SPD.
Speaking on Friday, German Foreign Minister Annalena Baerbock said Berlin blames a unit of the Russian military intelligence service GRU for a 2023 cyber attack on the centre-left Social Democrats (SPD).
“Russian state hackers attacked Germany in cyberspace,” Baerbock said in Adelaide during a visit to Australia, adding there would be consequences.
In June 2023 the SPD, the dominant party in Germany’s ruling coalition, said that email accounts belonging to its executive had been the target of a cyber attack earlier that year.
According to the SPD, this was made possible by a security vulnerability in software which was not known at the time of the attack. “It cannot be ruled out that data was leaked from individual email inboxes,” a SPD spokesperson said.
According to Baerbock, the German government’s investigation into the matter, led by the Foreign Office, has now been concluded.
“We can now clearly attribute this attack from last year to the APT28 group, which is controlled by the Russian secret service GRU,” said Baerbock. “This is completely unacceptable and will not be without consequences.”
Meanwhile, United States has strongly condemns the malicious cyber activity by Russia’s General Staff Main Intelligence Directorate (GRU), also known as APT28, against Germany, Czechia, Lithuania, Poland, Slovakia, and Sweden.
In a statement, Department Spokesperson, Mathew Miller said the United States joins Germany in attributing specific malign activity carried out by APT28 that targeted a German political party.
The department described APT28, also known as Fancy Bear, Strontium, and Forest Blizzard, as a well-known threat actor with a long history of engaging in malicious, nefarious, destabilizing and disruptive behavior.
“The United States has previously indicted and sanctioned actors associated with APT28 for their involvement in a wide range of malign cyber activity, including cyber activities aimed at interfering in the 2016 U.S. presidential elections, and sustained hack-and-leak operations targeting the World Anti-Doping Agency (WADA) that intended to undermine and sow doubt in the integrity of the organization.
“The U.S. Department of Justice has worked with Germany to remediate a network of hundreds of small office/home office routers that APT28 was using to conceal and carry out malicious activity, including the exploitation of CVE-2023-23397 against targets in Germany. The DOJ action further blocked the GRU from regaining access to remediated devices”, the statement said.
It noted that Russia’s pattern of behavior blatantly disregards the Framework for Responsible State Behavior in Cyberspace, as affirmed by all United Nations Member States.
“The United States is committed to the security of our allies and partners and upholding the rules-based international order, including in cyberspace. We call on Russia to stop this malicious activity and abide by its international commitments and obligations. With the EU and our NATO Allies, we will continue to take action to disrupt Russia’s cyber activities, protect our citizens and foreign partners, and hold malicious actors accountable”.