Germany Strengthens Its Cyber Defense
How It's Meeting the Russian Threat
Amid bucolic lakes on the edge of Potsdam, the Prussian garrison city of Frederick the Great, sits the Hasso Plattner Institute, an IT research center named after the founder of the German software company SAP. Here Germany’s leading cyber warriors, industrialists, and intelligence officials gather once a year to talk about the digital threat landscape. Despite the splashy topic, discussions are not prone to sensationalism, focusing on relatively mundane areas such as breach notification requirements, technical norms and standards, and critical infrastructure classifications.
This year was different. Germany’s most senior federal intelligence officials presented a united front about the potential threat of Russian cyber-influence in their country’s September elections. Hans-Georg Maassen, the head of the Federal Office for the Protection of the Constitution (BfV)—Germany’s domestic intelligence service—did not mince words: “We expect further attacks,” he said, adding that they recognized the threat as “a campaign being directed from Russia.” Maassen was referring to the Russia-attributed 2015 hack that hoovered up massive amounts of e-mails, correspondence, and sensitive information from well-placed members of the German Bundestag. The decision of whether to release the tranches of data “will be made in the Kremlin,” Maassen said, implicating President Vladimir Putin personally in any decision to use doxxed material, disinformation, or other cyber-actions to disrupt the integrity of the German elections. In turn, Bruno Kahl, the head of Germany’s international intelligence arm, the Federal Intelligence Service (BND), called for more money to boost cyber offensive and defensive capabilities.
The two were expressing concern that recent cyberattacks against Germany match the pattern of earlier attacks elsewhere in the West—first against Hillary Clinton’s presidential campaign, in the United States, and more recently against then presidential candidate Emmanuel Macron, in France. The pattern is simple: a series of hacks and information exfiltration, followed by leaks strategically timed to impact the election’s outcome. In the case of the United States, the leak phase of the DNC operation began on July 22, 2016,Read the full article on ForeignAffairs.com