German officials confirmed that hackers have managed to obtain access to the internal server of the German Bundestag, the national legislature. The breach occurred two weeks ago. Details remain unclear about what data the hackers took and how sensitive the data is.
The culprits, who remain unidentified, used complicated Trojan malware to get into the system. Officials from the Bundestag say that the work is too sophisticated to have been done by hobbyists or amateurs.
Presumably, that means this hack was performed by professionals, possibly agents of a foreign government. China, North Korea, Russia, and the United States all have advanced cyberwarfare teams and theoretically have the capability to pull off this kind of hack.
The investigation, however, remains ongoing, and German cybersecurity officials have yet to accuse any particular party of this hack.
In 2013, documents leaked by Edward Snowden revealed that the U.S. kept German Chancellor Angela Merkel’s phone bugged so they could listen in on her communications. Last year, the German government asked a CIA official to leave the country in the wake of mounting tensions between the U.S. and Germany.
This January, the Bundestag faced another cyber-attack. In that case, a pro-Russian hacker group in Ukraine took credit.
The press also discovered that the cybersecurity team is unsure of when exactly the attacks began. The malware could have been on the government’s computers for months, even years.
Members of the Bundestag were left reeling after hearing Friday’s news.
“This attack reveals the Interior Ministry has completely missed out on establishing a functioning cyber defense,” Bundestag member Steffi Lemke said.
Bundestag insiders report slow computer speeds, and IT professionals say that this is due to temporarily increased security measures that have been put in place. Those professionals have yet to announce a date when service will be back to normal.
Even that may not be enough to ensure the security of sensitive data; there have been whispers of the Bundestag leaving for their summer recess a month early.
Some members of parliament fear that the implemented countermeasures, especially a log of metadata about websites visited by officials, will be in place permanently, and security will never fully go back to normal at the Bundestag.