Federal Interior Minister Nancy Fesser (SPD) wants to introduce a draft law soon that will strengthen digital security. Fesser said this at the presentation of the annual report of the Federal Office for the Protection of the Constitution (BfV). The office responsible for counterintelligence and the interior minister have identified China, Russia and Iran as the main attackers. A new position at the BMI aims to help identify disinformation campaigns.
Advertisement
A “huge hybrid threat” is posed by Russia, Federal Interior Minister Nancy Fesser said at the presentation of the BfV annual report in Berlin this morning. The threat to democracy from espionage, sabotage, disinformation and cyber attacks has reached a “new dimension”, the SPD politician said. The attack on the CDU was a “serious cyber attack”. “These attacks are aimed at undermining trust in our democracy.” The highest level of sensitivity is needed in all areas, especially in the area of critical infrastructure. Thomas Haldenwang, president of the Federal Office for the Protection of the Constitution, warned that attacks on “high-value targets” such as individuals, parties, organisations, companies and critical infrastructure can still be expected.
Fesser wants to give more power to BKA
In addition, cybersecurity must also be strengthened, said Feser. This requires expanding legal powers. In particular, he implies expanded powers for the Federal Criminal Police Office (BKA): “There should be no offensive powers of retaliation,” but the BKA must be more competent to act. With this, Feser pointed to the debate about “active cyber defense” – and in particular about so-called hackbacks, i.e. offensive operations in criminal infrastructure. The BKA has emphasized in the past that from the BKA’s point of view it is about shutting down botnets and emergency patching of compromised equipment as well as infrastructure used by attackers.
In the Federal Office for the Protection of the Constitution report for 2023, Russia, China and Iran are identified as the perpetrators of cyber attacks. Haldewand mentioned the attack on the SPD at the end of the year 2022/2023, in which the attackers used a zero-day vulnerability in Microsoft Exchange. In early May, the federal government officially blamed Russian attackers for this attack. Federal Interior Minister Nancy Fesser (SPD) did not want to demand liability for software manufacturers in this context on Tuesday.
Attack on the CDU: The BfV expects more victims of the check point gap
Haldenwang did not want to comment in more detail on the attack on the CDU on the grounds of a lack of check point security. What was helpful, however, was that the BfV and the Federal Information Security Office (BSI) “got involved very early on, after the cyber attack was detected.” His authority, together with the Federal Office for Information Security, managed to notify the many institutions affected.
The BfV believes that most of their systems are now secured. However, Haldevand expects more victims as a result of security gaps. Last week the number of unsecured systems in Germany was mentioned as 1,800.
The propaganda is linked to the Constitution Protection Office and the Minister of the Interior
The BfV and the Ministry of the Interior were not only concerned with IT security, but also with the use of the Internet for propaganda purposes. The state and state-affiliated actors spread propaganda and fake news on many channels, Haldenwang said. Intensive efforts are being made to achieve greater cooperation with platforms such as Telegram. Haldenwang sees the cooperation as being on the right track, “but the self-control of these media could still be improved considerably.”
In this context, Feser noted the emerging effectiveness of the Digital Services Act (DSA). Platforms will also have to fulfill their voluntary commitments.
Workplaces must now identify external campaigns at an early stage
In the fight against foreign disinformation, the BMI began setting up a “central office for detecting foreign information manipulation” at the beginning of the month. “We monitor in a technical way what disinformation campaigns come through the internet, what is disseminated and what is amplified,” said Feser, explaining the goal of the new unit. It aims to bring together various findings from different ministries. The interior minister has not yet revealed how exactly this will happen. According to government circles, the central office is supposed to have a “20-person team working in the areas of monitoring and analysis.” It aims to recognize narratives and actions at an early stage.
The central office for detecting foreign information manipulation is not intended to issue public warnings or take active action against them, but rather works to support the federal government. Haldenwang assured that his authority would make its findings available to the new body.
Ahead of the European elections, there were fears that foreign actors such as Russia could deliberately spread disinformation. There is no evidence of such a widespread action in Germany, although a so-called lookalike campaign was already exposed in January.
(Application)
