Germany has summoned the acting chargé d’affaires of the Russian embassy in response to a Russian cyberattack on the governing centre-left Social Democratic Party (SPD) last year.
Chargé d’affaires Alexei Korlyakov had been summoned for around midday, a spokesman for the German Foreign Ministry announced in Berlin on Friday.
“[It is a clear diplomatic signal] to make it clear to Moscow that we do not accept this behaviour, that we clearly condemn it and that we reserve the right to impose consequences,” the spokesman added.
In June 2023, the SPD said that email accounts belonging to its executive had been the target of a cyberattack earlier that year.
According to the SPD, this was made possible by a security vulnerability in software which was not known at the time of the attack. “It cannot be ruled out that data was leaked from individual email inboxes,” an SPD statement said.
The names of those potentially affected were not disclosed. It also initially remained unclear how many email accounts were targeted and how much data was siphoned off.
SPD General Secretary Kevin Kühnert stated that there were “well-founded indications that the attack was carried out by attackers from Russia.”
According to Foreign Minister Annalena Baerbock, the German government’s investigation into the incident – known in diplomatic jargon as “attribution proceedings” – is now complete.
“We can now clearly attribute this attack from last year to the APT28 group, which is controlled by the Russian secret service GRU,” said the minister. “This is completely unacceptable and will not remain without consequences.”
Neither Baerbock nor a government spokesman said on Friday what these consequences might be. The German government once again called on Russia to refrain from such actions.
Russia’s irresponsible behaviour in cyberspace is contrary to international norms and deserves special attention in a year with elections in many countries, Berlin said. Cyberattacks against political parties, state institutions and critical infrastructure companies are a threat to democracy, national security and a free society, it said.
The European Union has previously imposed sanctions against individuals or organizations in similar cases. Travel bans or the freezing of assets are conceivable.
The bloc “is determined to make use of the full spectrum of measures to prevent, deter and respond to Russia’s malicious behaviour in cyberspace,” read an EU statement, issued by EU foreign affairs chief Josep Borrel on behalf of all 27 member states, on Friday.
“The malicious cyber campaign shows Russia’s continuous pattern of irresponsible behaviour in cyberspace, by targeting democratic institutions, government entities and critical infrastructure providers across the European Union and beyond.”
The NATO military alliance said: “We stand in solidarity with Germany following the malicious cyber campaign against a political party, in this case the Social Democratic Party of Germany, and with Czechia following the malicious cyber activities against its institutions.”
According to the German domestic intelligence service, the APT28 group has been active worldwide since at least 2004, primarily in the field of cyber espionage. According to the Interior Ministry, it has also conducted disinformation and propaganda campaigns in the past and is “one of the most active and dangerous cyber actors worldwide.”
APT stands for Advanced Persistent Threat. This is how security authorities refer to groups controlled by authoritarian states that are tasked with systematically carrying out cyberattacks. Around 40 of these have been identified so far.
Germany’s domestic intelligence service clearly attributes APT28 to the Russian military intelligence service GRU.
The group was held responsible for a major cyberattack on the lower house of Germany’s parliament, the Bundestag, in 2015 and later in the US for an attack on the Democratic Party before the 2016 presidential election.
The EU announced that it had already imposed sanctions in 2020 against individuals and organizations responsible for the APT28 attacks on the Bundestag.
According to previous findings, the attack on the SPD was part of a campaign by APT28 targeting several European countries. According to the EU, state institutions, agencies and organizations in Poland, Lithuania, Slovakia and Sweden were also attacked by the same “threat actor”.
German Interior Minister Nancy Faeser said in Berlin on Friday that she is determined to counter Russian cyberattacks in Germany.
“Under no circumstances will we allow ourselves to be intimidated by the Russian regime. We will continue to provide massive support to Ukraine, which is defending itself against [Russian President Vladimir] Putin’s murderous war,” the SPD politician said.
The security authorities had ramped up all protective measures against hybrid threats and were well networked internationally, she said. “This year, with the European elections and other elections, we must arm ourselves particularly well against hacker attacks, manipulation and disinformation,” said Faeser.