2024-08-02 05:15:38
Attack on Federal Office
China’s ambassador summoned over 2021 cyberattack
Updated on 31.07.2024Reading time: 3 min.
It had long been suspected that China had orchestrated a hacker attack on the Federal Agency for Cartography. Now the Foreign Office is officially pointing the finger at Beijing.
The German government is certain that hackers controlled by China were behind a serious cyber attack on the Federal Office for Cartography and Geodesy (BKG) at the end of 2021. “Today we know that state-controlled Chinese cyber actors have infiltrated the BKG’s network for espionage purposes,” said a spokesman for the Foreign Office in Berlin. The Chinese ambassador was summoned based on these findings.
The German government condemns the cyber attack in the strongest possible terms, he added. At the same time, the German government calls on China to “refrain from and prevent such actions” in the future.
The attack was attributed “on the basis of a thorough technical analysis” and reliable information from the intelligence services, said the spokesman. The Federal Office, which provides geodata, plays an important role, also for critical infrastructure facilities – these include, for example, energy suppliers, waterworks and transport companies.
The BKG provides current official geodata for the entire country. It also combines its own data with that of the federal states and third-party providers. The data and recordings are also used by companies in the security sector. It is not known whether the cyber spies were explicitly looking for information for this group of users during their attack, which probably remained undetected for a long period of time.
The spokesman for the Federal Ministry of the Interior, Maximilian Kall, explained that the attackers had used so-called obfuscation networks. According to the findings of the security authorities, the attackers had compromised end devices belonging to private individuals and companies in order to use them for their cyberattack on the Federal Office. A network area of the Federal Office was affected.
The reconstruction of the network was carried out in accordance with the recommendations of the Federal Office for Information Security (BSI). It is considered certain that the hackers were successfully excluded from the BKG networks.
“This serious cyberattack on a federal agency shows how great the danger is from Chinese cyberattacks and espionage,” said Federal Interior Minister Nancy Faeser (SPD). She referred to a draft law that the cabinet had passed last week.
This provides for stricter rules for the protection of critical facilities and important companies from cyber attacks and is intended to implement the European NIS 2 Directive. Large companies in the energy, transport and traffic, drinking water, wastewater and telecommunications sectors are considered particularly important institutions within the meaning of the law.
The obligation to implement certain security measures to defend against and deal with cyber attacks will affect around 29,500 companies in the future, significantly more than before. In addition, the BSI’s toolbox will be expanded – including the possibility of imposing fines.
China is a major player in espionage against Germany
According to the Office for the Protection of the Constitution, China is one of four main actors when it comes to espionage directed against Germany, alongside Russia, Iran and Turkey. The Office for the Protection of the Constitution’s 2023 report states that there has been “a clear qualitative and quantitative development” in the approach of Chinese cyber espionage actors.
China is pursuing an “offensive cyber strategy that aims to make an important contribution to the country’s industrial and geopolitical goals through extensive knowledge transfer,” the Federal Ministry of the Interior said. Since the beginning of 2023, a number of cyber attacks have also been detected, primarily targeting IT service providers that manage government networks.