The Russia connectionHundreds of German politicians hacked – except those on the pro-Russia far right

Published 4 January 2019

The personal and job-related information of German Chancellor Angela Merkel, senior politicians, and members of the Bundestag from all political parties was released by hackers and posted to Twitter. The leaked information included office letters, internal memos, departmental communicatin, contact details, office access passcodes, and more. The only politicians who were not hacked and the information of which was not released: Members of the populist, far-right, pro-Russia Aleternative for Germany (AfD). In the run-up to the fall 2017 federal election in Germany, the GRU, Russia’s military intelligence, helped the AfD by employing the same combination of hacking and social media disinformation the GRU had succefully used to help Donald Trump win the 2016 U.S. election. The Russian campaign was successful, and the AfD is now the thiord-largest party in the Bundestag.

The Federal Office for IT Safety (BSI), Germany’s digital authority, is “intensively” investigating a massive data leak which saw saw the personal and job-related information of hundreds of politicians from across the political spectrum published online, a spokesman for the (BSI) said on Friday.

“Hacking attack against politicians: The BSI is currently intensively probing the issue in close cooperation with other federal institutions,” the BSI said on Twitter, adding that “according to what we know so far” the government’s confidential networks were unaffected.

The massice hack targeted all of Germany’s political parties currently represented in the federal parliament, with one noticeable exception: The populist, far-right, pro-Russia Alternative for Germany (AfD).

In 2016, the GRU, Russia’s military intelligence, effectively employed a combination of hacking and social media disinformation campaign in order to secure Donald Trump’s victory in the November 2016 presidential election.

The GRU employed the same combination of methods in the run-up to the fall 2017 German federal elections in support of a similar populist, far-right, pro-Russian political movement – the AfD.

Russia’s effort was succesulf in Germany, too, leading the the AfD becoming the third-largest party in the Bundestag.

The New York Times reports that preliminary review of the documents discovered no sensitive information. The information published on Twitter included mobile phone numbers, contact info, and credit card details from members of Germany’s major parties. The leak also included banking and financial details, ID cards, and private chats.

Justice Minister Katarina Barley described the incident as a “serious attack.”

“The perpetrators wanted to damage our trust in democracy and our institutions,” she told reporters.

Interior Minister Horst Seehofer said an initial analysis suggests that the material was obtained from cloud services, email accounts or social networks.

Among the targets were Chancellor Angela Merkel and President Frank-Walter Steinmeier..

“With regard to the Chancellery it seems that, judging by the initial review, no sensitive information and data have been published and this includes (from) the chancellor,” a government spokeswoman told reporters.

The hackers published Merkel’s fax number, email address, and several letters written by and addressed to her, according to the DPA news agency. 

Social Democrat parliamentarian Helge Lindh was one of the victims of the attack. He told DW that although the hack was “alarming,” he was not surprised it happened.

“There is evidence of a number of phishing attacks and data leaks collected over a sustained period of time,” he said. “It is shocking that politicians are so vulnerable, and it is our task to improve security.”

The document leak was first discovered Thursday evening, the RBB Inforadio, a Berlin-area German public broadcaster, reported. The documents had been posted online as early as December 2018, however, by a Hamburg-based Twitter account whchi released them in an Advent calendar style. The Twitter account describes itself with labels such as security research, artist, and satire.

The Hamburg Data Protection Agency said the Twitter account has been deleted. The agency was working with Irish data protection authorities to prevent the further dissemination of politicians’ information.

The authenticity of the leaked information could not be immediately verified and no discernible pattern could be detected to the leaked documents.

On Friday, Germany’s defense ministry announced that the department had not been affected by the hacking.

Reuters reports that the BSI was only informed about the hacking shortly before the story was reported by German media.

The New York Times notes that beyond Germany, the hacking adds to concerns about the security of European parliamentary elections in May, which many officials fear are vulnerable to digital interference and disinformation campaigns by hackers or state-backed groups. Last month, European Union officials announced an action plan to better coordinate responses to false messages around the elections.

Jonas Kaiser, a Harvard University expert who studies online misinformation, told the Times that the weaponization of hacked information was becoming increasingly common in politics. The most notable example was emails from the Democratic National Committee during the 2016 election in the United States.

“A lot of leaks and hacking campaigns have become a more normal part of the political discourse,” he said.