The investigations of the German Authorities indicate that the Russian hacking group 'APT 28' is responsible for the attack. [1] The British Cyber defense agency has alleged that this group is linked to the Russian military secret service 'GRU' which has also been accused of meddling with the US Presidential elections in 2016. [2]
Target
The network of the German Federal Parliament used by all MPs as well as the German chancellor
Method
At the beginning of 2015, MPs received an email from the address 'UN.org' which was designed like a UN News Bulletin. Clicking on the link contained in the email led to the installation of the malware on the computer. The malware was then able to spread and eventually infiltrated the networks of the Parliament. [3]
Purpose
The hackers were able to access internal confidential communication data (such as confidential emails of MPs), their schedules, meeting details as well as other sensitive data.
Result
The group was able to maintain unauthorized access for several months until the attack was detected in May 2015 and even managed to access a computer in the parliamentary office of the chancellor. [4] Approximately over 16 GB of data was stolen. [5]
Aftermath
The German parliament's computer system was shut down for four days for maintenance works and additional safety mechanisms were installed. [6] Investigations initiated by the German intelligence service led to the conclusion that the attack had been launched by a 'foreign intelligence service'. According to Die Zeit, the Chancellery staff considered responding to the malicious activity since they were convinced that the intruders had been acting on behalf of Russia. [7]