Germany blames Russian hackers for months-long cyber espionage
“The Russian cyberattacks are a threat to our democracy, which we are resolutely countering,” said the interior minister, Nancy Faeser, in a statement adding that Germany was acting alongside the EU and NATO. “Under no circumstances will we allow ourselves to be intimidated by the Russian regime.”
According to German officials, the attacks within the campaign can be traced back to the time when Germany was sitting on a decision to send Leopold 2 battle tanks to Ukraine upon its appeal for a fleet of 300 from Europe.
Germany had, reportedly, been prepared to send 14 such tanks conditional to the United States doing the same, not wanting to risk an aggressive Russian response alone.
Known nation-state offender
APT28 has earned renown for its large-scale nation-state attacks in more than a dozen countries in the world. Described by the UK’s National Cyber Security Center as a “highly skilled threat actor,” the group is known to have used tools including X-Tunnel, X-Agent, and CompuTrace to penetrate target networks.
The threat group was also found behind several mass attack campaigns that exploited known flaws in Outlook and WinRAR to collect Windows NTLM credential hashes from organizations in Europe and North America.
“Czechia has long been targeted by the APT28. Such violations are in violation of UN norms of responsible state behavior,” a Czech Republic foreign ministry statement said. A series of recent international efforts led by the FBI, the German statement added, shut down a botnet of compromised network devices in late January, which are believed to have been used by Fancy Bear in their cyber espionage scheme.