Lawmakers want information about cyberattack on German govt

German lawmakers slammed Chancellor Angela Merkel's government today for not telling them about a cyberattack on at least two ministries, likely committed by a Russian-backed hacking group.
Parliament's committee for digital affairs called an emergency meeting for later in the day to review the information and demand details of the investigation into the attack, which only became public yesterday.
"If the government knew about this since December, the fact that lawmakers responsible for oversight of (digital affairs) had to learn of it through the press is really scandalous," said Anke Domscheit-Berg, a member of the committee with The Left party, on ZDF television.

German news agency dpa cited unidentified security sources Wednesday as saying the Russian group APT28 hacked into Germany's Foreign and Defense Ministries and managed to steal data. It said the attack was uncovered in December and may have been going on for a year.
Following the report the Interior Ministry confirmed a hack of the computers of the "federal administration," saying "the attack was isolated and brought under control." An Interior Ministry spokesman wouldn't give further details, citing the ongoing analysis and security measures being taken.
But according to German media, the breach was allowed to continue through Wednesday so that investigators could gather information about the scope and the targets of the attack and its initiators.

"If it turns out to be true, it is a form of warfare against Germany," the head of the digital affairs committee, Dieter Janacek from the Greens party, told the Berliner Zeitung newspaper. Janacek characterized the attack as "severe" and called on the government to pass on the information it has to parliament.
Asked whether the attack was executed by a Russian-backed hacker group, Domscheit-Berg said "there are indications for that, but we don't really know." APT28, which has been linked to Russian military intelligence, has previously been identified as the likely source of an attack on the German Parliament in 2015, as well as on NATO and governments in eastern Europe.

Also known by other names including "Fancy Bear," APT28 has also been blamed for hacks of the U.S. election campaign, anti-doping agencies and other targets.