The Bundestag is testing whether lawmakers and their staff fall for fake emails in phishing attacks. The offices of politicians from all parliamentary groups are said to have received several emails over the past few days that purportedly came from the parliamentary administration, Spiegel reports. Anyone who clicked on the link therein was asked to enter personal information such as the password to the website they accessed.
According to the report, the phishing campaign is part of an official penetration test. Its purpose is to covertly examine IT security in the Bundestag. The Information and Communication Technologies (ICT) Commission of the Council of Elders decided on this measure. Meanwhile, a letter from the Bundestag’s IT security department informed all MPs about the background to the action.
Many recipients were not fooled by the suspicious email. They forwarded it “according to plan” to a reporting office or contacted the Bundestag’s IT hotline, Spiegel quotes the letter as saying. Such an approach is “absolutely essential” to effectively defend against genuine phishing campaigns. Apparently, not all those affected were alert enough: all those “who clicked on the link in the email” and, where applicable, entered login information were asked to “change their password as a precaution”.
MPs in the crosshairs: the “Bundestag hack” and Ghostwriter
Green Party deputy Konstantin von Notz praised the unannounced exercise, saying, “It is good that all constitutional bodies are making it their task to increase their resilience in the face of the sharp increase in threats.” “Sensitivity to rapidly increased risks is an important building block for this.” The 53-year-old is a member of Parliament’s ICT Commission, so he was likely aware of the project in principle.
Representatives here have already had painful experiences with cyber attacks. A serious attack known as the “Bundestag hack” occurred in 2015. At that time, Parliament’s IT infrastructure was temporarily completely disrupted. 16 gigabytes of data are said to have been lost. The federal government accused the Russian military intelligence service GRU of being behind the hostile actions. The criminals broke into the IT systems using phishing. A United Nations organization was listed as the sender of the email.
In 2021, allegations were made in this country against the “Ghostwriter” group just weeks before the federal election. According to the federal government, it attempted to use large-scale phishing attacks to obtain “personal login data, especially of members of the Bundestag and state parliaments”. If successful, the captured documents would have been used to prepare a disinformation campaign regarding the election. According to the executive, the trail again points to Russia. Some time later, the IT security company Mandiant became convinced that the cyber gangsters were receiving technical help at least from a group called “UNC1151”, which could almost certainly be attributed to the regime in Belarus.
(usz)