The German government has called out Russia for carrying out phishing attacks against German politicians ahead of the country’s upcoming parliamentary elections, the Associated Press reports.
Germany’s Foreign Ministry spokeswoman Andrea Sasse stated that a campaign known as Ghostwriter has been “combining conventional cyberattacks with disinformation and influence operations” to target Germany. She noted that these attacks have been ongoing “for some time now.”
Ghostwriter tends to launch anti-NATO cyber operations, and has targeted other European countries in the past. Sasse said Ghostwriter is associated with Moscow’s military intelligence service, the GRU.
“The German government has reliable information on the basis of which Ghostwriter activities can be attributed to cyber-actors of the Russian state and, specifically, Russia’s GRU military intelligence service,” Sasse said. It “views this unacceptable activity as a danger to the security of the Federal Republic of Germany and for the process of democratic decision-making, and as a severe strain on bilateral relations.”
Sasse stated, “The federal government strongly urges the Russian government to stop these unacceptable cyber activities with immediate effect.”
She also noted that the phishing activity may be intended to launch disinformation operations surrounding the elections.
“These attacks could serve as preparations for influence operations such as disinformation campaigns connected with the parliamentary election,” Sasse said. She added that the attacks “are of course completely unacceptable, and that the German government reserves the right to take further measures.”
Germany’s elections take place on September 26th, so these attacks can be expected to continue in the coming weeks. The Associated Press notes that
Phishing is used by both low-level criminals and sophisticated state-sponsored actors because it works so well. Spear phishing is even more effective, since it targets users with content they’re expecting to receive. New-school security awareness training can enable your employees to thwart targeted social engineering attacks.
The Associated Press has the story.