German news agency Deutsche Welle has alleged that the Russian hacker group Sofacy (APT28) attacked the computer system of German Parliament, the Bundestag. The hacker group has been under a French investigation for an alleged attack on French broadcast station TV5 Monde in April.
Deutsche Welle managed to reach an expert who claimed there was "concrete evidence" of who the parliament attackers were.
The expert claimed that Sofacy hackers attacked the Bundestag computers with several waves of Trojan viruses which installed themselves secretly on the computers and managed to gain access to the parliament’s network and classified information.
According to the German DPA news agency, all members of Bundestag have received emails announcing the cyberattack threat is not over and urging them to pay more attention to IT security.
The Bundestag members slammed the parliament’s administration on Friday over reports showing the administration ignored threat alerts two days before the actual attack.
One of Merkel’s conservative allies, Stephan Mayer, said that "in view of the seriousness of the attack, information should have been prompter and more insistent."
Berliner Zeitung claimed that hackers managed to gain access to the Bundestag’s complete electronic infrastructure.
After the release of reports of the cyberattack, Germany's parliamentary speaker Norbert Lammert said that only parts of the servers were affected, and that replacing all of the 20,000 Bundestag computers would be unnecessary.
Lambert also assured lawmakers that the leakage of computer data was stopped and there were not any active trojans on the computers.
The attack took place in May and was initially noticed by IT staff at the Bundestag when two computers affected by malicious software attempted to transfer data to a server in Eastern Europe.
Following the incident technicians discovered that many computers in the Bundestag were infected with the Trojan malware.
Before suspecting Sofacy, German technicians managed to track source codes and were suspicious that the Kremlin was responsible for the attack.
Bild reported that Chancellor Merkel’s computer was being used to spread viruses to the Bundestag computers, from which they sent data to Russia.
The German newspaper’s claims have not yet been confirmed by any government officials.