The announcement could hardly have been clearer. The German government had “emphatically” urged the Russian government to “cease its illegal cyber activities with immediate effect”. A spokeswoman for the Foreign Office reported on Monday. The message is addressed to Moscow, but also to election campaigners in Germany just under three weeks before the general election. For months, Berlin has been warning of disruptive maneuvers from abroad, especially from Russia. The government now clearly sees its fears confirmed.
The German authorities have been alarmed for a long time. Since January, a group of hackers, particularly active in Poland and the Baltic states, has also been leaving its mark in Germany. Your name: “Ghostwriter”. In their sights: MPs from the Bundestag and several state parliaments. The group tries to gain access to the accounts with so-called phishing e-mails to private and business e-mail addresses of politicians. In this way, she can fish sensitive information there or spread false information via the account.
The protection of the constitution has no doubt who is behind the “ghostwriter”: a cyber espionage unit of the Russian secret service GRU. The US IT security company Mandiant has documented numerous cases. According to the report, the unit known as UNC1151 has been practicing disinformation in the Baltic States and Poland in some sophisticated ways since 2017. Twitter accounts, Facebook pages and websites of politicians are hijacked in order to spread false or compromising information – for example via an escort service allegedly operated by the Polish Ministry of Defense.
The federal government has already warned MPs of the danger several times. What is new is that she also makes Russia publicly and specifically responsible for the “ghostwriter” attacks. This suggests that concerns about scenarios such as those in Poland or the Baltic states have increased. At a meeting of the High Working Group on Security Policy last week, State Secretary Miguel Berger demanded that Russian Deputy Foreign Minister Vladimir Titov put an end to the attacks, said the Foreign Office spokeswoman.
Interior Minister Horst Seehofer (CSU) had already warned members of the Bundestag to be vigilant in the spring. On Facebook, for example, information was read “from a third party” due to a security hole, and central e-mail servers were found to be vulnerable. “In order to be able to counter these threats effectively, we must all do our part,” asked Seehofer. “Liberal democracies in Europe must better protect themselves against such attacks,” demanded Konstantin Kuhle, the domestic political spokesman for the FDP in the Bundestag, on Monday. What is needed are common standards for digital election observation and better protection of parliament and the authorities responsible for carrying out the elections, he said Süddeutsche Zeitung.