Fraud Management & Cybercrime , Social Engineering

Phishing Attacks Targeting Political Parties, Germany Warns

Escalation of Cyberespionage Likely Tied to Upcoming European Elections
Phishing Attacks Targeting Political Parties, Germany Warns
German agencies including the Federal Office for Information Security warned about an uptick in phishing emails targeting political parties. (Image: Shutterstock)

German federal agencies warned that phishing attacks targeting political parties surged ahead of upcoming European Union elections.

See Also: Code Red: How KnowBe4 Exposed a North Korean IT Infiltration

The Federal Office for Information Security, or BSI, and the Federal Office for the Protection of the Constitution on Thursday blamed nation-state hackers.

"An increase of attacks can currently be assumed, particularly in light of the upcoming European elections. These may include phishing attacks to publish stolen data or documents," a BSI spokesperson told Information Security Media Group.

The spokesperson said the attacks have heightened the "threat level for the targets in focus," and that the agency has contacted political parties about the dangers of potential hacks and leak campaigns.

The agency did not attribute the attacks to a specific country but confirmed that they are tied to a nation-state group.

The disclosure comes just weeks after security firm Mandiant warned of a Russian hacking campaign targeting political parties in Germany. The company attributed the campaign to the Russian state-sponsored hacking group it tracks as APT29, which has used emails designed to appear from the German Christian Democratic Union (see: Russian Nation-State Hacker Targets German Political Parties).

APT29, also known as Midnight Blizzard and the Dukes, operates out of the Foreign Intelligence Service.

Speaking to a German outlet, the agencies said hackers carried out a phishing attack using spoofed websites. The attackers sent victims emails that appeared to come from IT support staff in an apparent bid to harvest credentials.

Western intelligence agencies have made similar warnings. Recently, the British deputy prime minister revealed at least five members of the U.K. Parliament had been targeted as part of an espionage campaign that the country attributed to Chinese nation-state group APT 31 (see: UK Discloses Chinese Espionage Activities).

In a recent indictment unsealed by the U.S. Justice Department against suspected APT31 hackers, authorities revealed the group targeted multiple lawmakers across Europe.

Last year, German intelligence warned Russian and Chinese hackers were targeting critical infrastructure in the country. While the Russian attacks largely stemmed from Germany's vocal support for Ukraine and focused on stealing intelligence on NATO activities, the agency said the Chinese threats were espionage activities intended to support Beijing's Made in China 2025 plans.

In a move intended to shore up its defense capabilities in the wake of increased cyberattacks, German Defense Minister Boris Pistorius on Thursday announced plans to revamp the country's military forces, which include creating a new force that specializes in electronic warfare and cyberwarfare.


About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.