Hackers crack German foreign and defence ministries

Speculation rife that the attackers - believed to be the Russian APT28 group - had access to German ministry networks for a year or more

Germany's foreign and defence ministries are among several government departments targeted in a major cyber attack.

On Wednesday, officials confirmed that attackers had managed to penetrate government computer networks. However, they claimed that it was an "isolated attack" that it had been quickly shut down - although speculation has been rife that the attackers had access for a year or more.

The response to the attack, once it was discovered, caused disruption to a range of German government agencies.

A spokesperson said: "The attack was isolated and brought under control within the federal government" after the Interior Ministry responded "with high priority and significant resources".

There is speculation that the bad actors had access to the network for more than a year before being discovered

According to the Ministry, the attackers were able to access data held by from the Foreign and Defence Ministries, but it did not reveal their identity, nor were they clear about the kind of data that was accessed, nor how far they were able to penetrate.

Officials also failed to explain when the attack actually took place, but reports suggest that it happened in December and implied that the attack is believed to have been launched by the Russian hacking group APT28.

The attack came as Germany's various political parties continued wrangling over the formation of a new government.

Talks have been ongoing since the election in September, with the largest party, the CDU, led by Angela Merkel looking to form a coalition with the second-placed SPD, whose vote fell sharply. The two parties normally face each in mutual opposition.

It is thought that security officials have been gearing up for this sort of attack for a while. Jens Zimmermann, a member of the German Bundestag representing the Social Democrats, said that Germany's Digital Agenda committee would lead high-level talks on Thursday. "The federal government must inform parliament comprehensively," wrote Zimmermann on Twitter..

Myles Bray, vice president of EMEA at cyber security firm ForeScout, said that it clearly showed that governments need to ensure they have the right resources in place to identify and respond to attacks.

"The German government hack underscores the importance of having a strong security posture that starts with a foundation of visibility - knowing exactly what devices are connecting to your network - to protect against the sophistication of modern cyberattacks," he said.

Bray added that businesses should take note from these incidents."While details are still emerging, there is speculation that the bad actors had access to the network for more than a year before being discovered," he said.

"Today's news is another wake-up call. If the government of one of the most developed nations in the world cannot protect itself, business leaders need to review their own security measures to make sure it is up to the task."