Hacker Attack on the German Parliament

There is new insight into the hacker attack on the German Bundestag Parliament: the attackers were looking for current Word documents, among other things.The focus were documents that were drawn up after May 1, and the hacker stole about 20 gigabytes of data from the network. The hack was first discovered when two computers infected with malicious software tried to contact a server to transfer data. German media states that the Bundestag may need to replace 20,000 computers after the recent attack.

“The trojans are still active,” quoted the Spiegel online edition, highlighting the possible risks in terms of security. The hackers had managed to dig deep into the network of the Bundestag for months. Ultimately, they were able to take over the so-called directory service of the Bundestag.

The Parliament hosts a total of more than 20,000 computers, organized as a network. The attackers therefore have access to any system of the Bundestag as well as access to all the fractions, MPs, and parliament staff. Since the attackers now have administrator access into the Bundestag itself, the BSI recommends to abandon the old system and to build a new network.

The stolen data was transferred to eight or nine different, unknown places. Previously, the German newspaper Die Welt had reported that the computer system had been attacked with the help of e-mails and malicious software. There is concrete evidence -- a link had been sent via e-mail to two or more computers in the Bundestag. The link then led to a website that was prepared with malicious software.

This program is said to have then been secretly installed on the computers of the German Bundestag. According to recent findings of the Federal Office for Security in Information Technology (BSI), the malware is a Trojan, which was used in a similar form for months for hacker attacks in several countries. The program has been developed by Russian hackers and already been used in the cyber attack on the French TV channel TV5 Monde in April. At this time, alleged radical Islamists of the "Cyber ‹‹caliphate" are linked to the attack.

Two weeks ago it was revealed that the Bundestag computer had become a multi-day destination for an unknown hacker attack. The hackers had initially infected the computer with a Trojan horses and got access to administrator passwords. They then succeeded to penetrate the entire Bundestag network.

Even computers of government members are affected by the attack. According to information from the ARD Berlin Studios, there is growing evidence that a foreign intelligence service is the originator of the attack.

The magazine Der Spiegel reported the espionage action was discovered earlier this month when two computer infected with malicious software tried to connect to a server in Eastern Europe. The two computers were in the premises of the Union and the Left Party.

The experts have discovered more infected computers that have been taken off the grid. The computer systems of the Bundestag and the Federal Chancellery are popular targets of foreign intelligence services.

Steffi Lemke, a representative of the the Green party, explained that the discovery of data leaks confirms that “the impact of the cyber attack on the Bundestag is worse than previously thought. This attack reveals the Interior Ministry has completely missed out on establishing a functioning cyber defense,” Lemke said.