Many media sources in Germany are seen accusing Russian government funded hacking group Fancy Bear for launching cyber attacks on Defense and Interior Ministries in December last year. The hack was realized by the German law enforcement in December 2017 and their investigation revealed that the hack may have lasted for up to a year.
Fancy Bear also recognized as APT28, a notorious hacking group of the dark world was also blamed for spreading NotPetya Ransomware across Europe and Ukraine in June last year.
The US government including the National Security Agency (NSA) believes that Fancy Bear aka APT28 was also behind a number of cyber attacks on the West, including the breach of 2016 US Elections and the recent disruption of 2018 Winter Olympics opening ceremony which was held in South Korea from Feb 9th to Feb 25th, 2018.
Germany believes that Fancy Bear targeted its federal government’s internal communications network with malware and then sneaked into the government database to spy on secrets related to the administration and military.
A spokesperson from the German Interior Ministry said that the authorities are still investigating the cybersecurity incident but for some reason failed to name any nation or hacking group behind the incident.
Federal Office for Information Security (BSI) and other Intelligence Services of Germany will issue a public statement on this issue early next week. But the possibility to name a nation in the statement by the authorities is bleak.
Readers of Cybersecurity Insiders have to make a note of the point that Fancy Bear was blamed for a similar attack on the lower house of German Parliament in 2015. The group was also behind the attack of the Christian Democratic Union Party of Chancellor Angela Merkel. But authorities still do not have evidence on this note.
APT28 is also known by other names like Cozyduke, Stacy, Pawn Storm, Sednit and Tsar Team on the dark web. The group is reported to be led by a former military officer of Russia and works directly under the orders of Vladimir Putin’s administration.
Note- APT37 happens to be a North Korean government funded hacking group which is suspected to be behind the spread of Wanna cry Ransomware in May last year. APT28 happens to be a government funded a hacking group of Russia. According to a source from FBI, both these groups have worked in coordination on a number of hacking projects in the past.