By Thorsten Severin and Andrea Shalal
BERLIN (Reuters) – Germany’s government was marshalling its defenses on Thursday against a powerful cyber attack that lawmakers said had breached the foreign ministry’s computer network and whose origins officials admitted were still unclear.
The head of a parliamentary oversight panel said the attack was continuing, and security officials were trying to maintain control.
“It is a veritable cyber attack on parts of the government network,” conservative lawmaker Armin Schuster told reporters. “It is a continuing process.”
Schuster declined to give further details, saying that would provide a warning to the attackers, who he did not identify.
“The loss of sensitive information amounts to significant damage on its own,” Schuster said. “But we can say that the German government is trying, as far as we know today, to keep the process under control.”
Facing criticism from lawmakers that they were kept in the dark about the attack, which security officials said they learned of some time ago but authorities first confirmed on Wednesday, Interior Minister Thomas de Maiziere said the hack was technically sophisticated and planned long in advance.
He said security authorities were trying to gain further insight into how it was carried out.
Schuster’s remarks raised questions about Wednesday’s initial confirmation, a statement in which the interior ministry spoke of an “isolated” attack against some government agencies that had been “brought under control”.
DETECTED LAST YEAR?
Media reports said the attack was detected in December but may have been under way for up to a year.
Lawmakers said it had targeted the foreign ministry.
One deputy who was briefed on the incident, said it appeared to have originated in Russia.
The Kremlin could not immediately be reached for comment.
It was the latest in a series of assaults aimed at Germany’s political institutions and key individuals.
Security officials have blamed most of the previous attacks on a Russian hacking group APT28 that experts say has close ties to a Russian spy agency. Security experts have blamed the same group for an attack ahead of the 2016 U.S. presidential election.
Economy Minister Brigitte Zypries said it would be “problematic” if Moscow were found to have launched the attack, as German media have reported.
But she added: “At this moment there is no discussion of that.”
Deputy Interior Minister Ole Schroeder told the RND newspaper group on Thursday that security officials had allowed the hackers to maintain “controlled” access to government networks so they could track the attack and how it was carried out.
Panel head Schuster said it was too early to assess the damage, but his committee would meet again next week.
Patrick Sensburg, another conservative member of the committee, told broadcaster ZDF it involved more complex software and targeted more sensitive data than a 2015 breach at parliament.
Opposition lawmakers criticized the government for not informed the parliamentary oversight committee about the attack sooner.
Committee member Konstantin von Notz, of the Greens, said the delay was “completely unacceptable”, and Andre Hahn, a member of the far-left Left party, said it was a clear violation of the law.
The incident also revived debate about a push by top German intelligence officials for more legal authority to “hack back” in the event of cyber attacks from foreign powers.
(Additional reporting by Michael Nienaber; Editing by John Stonestreet)