Volker Wissing is the German Minister of Transport and is therefore also responsible for the digital infrastructure.Image: dpa / Henning Kaiser
Your questions – our answers
In the wake of the war in Ukraine, the digital ministers of the G7 countries are advising on security on the internet. German security authorities have already become victims of cyber attacks and Ukraine is also fighting online with Russian hackers. What are the dangers of a war on the internet? What are the goals of cyber attackers?
“We have agreed on a joint approach. Everything must now be specified further in the next few weeks.” That was the conclusion of Federal Digital Minister Volker Wissing after the two-day G7 digital minister conference in Düsseldorf.
One dealt with the digital transformation and the question of how new technologies for the benefit of the company can be used.
That security in Internet is one of the big questions of the digitized society is not new. However, the fact that Russian hacker attacks are increasingly becoming the focus of security issues for German authorities is.
Since Putin’s army invaded Ukraine at the end of February, Germany the fear of attacks – albeit on the Internet. One Bitkom survey from the end of March showed that three quarters of Germans are afraid of a cyber war between Russia and the Federal Republic.
What are the reasons and goals of hacker attacks?
Maik Morgenstern is the managing director and technical director of the independent research institute AV Test. When asked by Watson, whether in the real world or in cyberspace, he says: It’s usually about similar goals. “Espionage and sabotage are activities that we primarily see.” Attackers thus disrupt access to websites or entire systems and steal critical data. “This also sends the signal that attacks are possible at any time,” says Morgenstern.
As early as 2020, IT expert Uwe Cantner explained what such a fear of cyber attacks can do interview with the “World“. He said: “Innovative company are particularly affected by the fear of cyber attacks. Many of these companies are reducing their innovation activities because of the risk of cyber attacks. Overall, there are clear negative consequences for economic growth in Germany.”
Some development projects are not even started for fear of digital risks.
In addition to the critical infrastructure, other companies and authorities are also the typical targets of cyber attacks, says Morgenstern. “Depending on the motivation, the concrete goals can change.”
Russian hackers also attack in Ukraine: will Germany help?
To ensure that Ukraine is better protected against cyber attacks in the war against Russia, the G7 states want to send hardware to help. “This is also a war on the Internet and that is why Ukraine must also be defended on the Internet,” said Federal Digital Minister Volker Wissing (FDP) on the sidelines of the G7 meeting.
What exactly is sent for technology is still unclear. The Ukrainian counterpart Mykhailo Fedorov, who was online at the meeting, announced that he would send a list with the exact needs.
Are we already in a cyber war?
Cyberwar is a new form of warfare. A war based purely on digital strategies. It includes – by definition at least – any action by a state to penetrate the computer networks of another state in order to cause damage there. This is what the German Society for the United Nations (DGVN) writes on its website.
And several websites have already been shut down – such as German security authorities. In March and April there were also attacks on wind farms and wind energy companies across Europe.
Maik Morgenstern is the managing director of the AV Test institute.Image: AV Test
“So-called ‘Nation State Threat Actors’, i.e. state-controlled hacker groups, have been a real threat for years and campaigns and attacks are being uncovered again and again,” explains IT expert Morgenstern. But he also warns against prejudice: “You have to be careful with the term cyber war. Not every attack by a (presumably) state-controlled hacker group on targets outside of your own country can be described as cyber war.”
Authorities warn against the Russian protection software Kaspersky – rightly so?
That Federal Office for Security in Information Technology (BSI) now warns against the use of virus protection software from the Russian manufacturer Kaspersky. On its website, the BSI recommends using alternative products.
Expert Morgenstern cannot judge whether the company Kaspersky could harbor the political will to carry out attacks via its virus protection program. “We only evaluate the technical aspects of anti-virus software”he says.
“Due to its far-reaching system rights, all protective software offers the possibility of being used as an attack tool, and this is not limited to Kaspersky. We cannot assess whether and how something like this could actually be exploited by states.”
Kaspersky itself claims not to be connected to the Kremlin. A statement read: “Kaspersky is a privately held global cybersecurity company, and as a private company Kaspersky has no ties to the Russian or any other government.” We will continue to remain transparent and work together with the BSI.
But the BSI wants to play it safe. The actions of the Russian military and the intelligence services as well as the threats by the Kremlin against the EU, NATO and the Federal Republic are risks for an IT attack.
“A Russian IT manufacturer can carry out offensive operations itself, be forced to attack target systems against its will, or be spied on as a victim of a cyber operation without its knowledge, or be misused as a tool for attacks against its own customers,” says the BSI .
Do private users also have to be afraid of hacker attacks?
According to IT expert Morgenstern, private users are generally not directly affected by attacks. “But if, for example, critical infrastructure is attacked and this leads to bottlenecks in the supply or a failure of the power grid, you will of course feel the effects.”
However, private individuals could be an interesting target if they themselves are a manager in companies or authorities or know such people. Morgenstern says that an attacker could have an interest in “infecting the potentially poorly protected private devices in order to reach higher-value targets in the corporate network from there”.
The digital ministers of the G7 countries met in Düsseldorf.Image: www.imago-images.de / IMAGO/Piero Nigro
What is behind “Putin’s cyber army”?
When Russian hacker groups attack somewhere, people often talk about “Putin’s cyber army”. However, according to the IT expert, the assignment of attacks to specific hacker groups and countries is always fraught with uncertainty.
“However, there are various groups that can be assigned to Russia with a relatively high degree of certainty, including groups such as ‘Cozy Bear’, ‘Fancy Bear’ and ‘Sandworm’.” Groups involved in current attacks in Ukraine, among other things.
But there are also hacker groups that are not controlled by the state and still act in the interests of certain states. “These include, for example, the recent DDOS attacks on German government websites,” says Morgenstern. In such attacks, websites are bombarded with countless requests at the same time – and then collapse under such a load.
A Russian group called Killnet claimed responsibility for these attacks on German official sites. But Morgenstern says: “No connection to government agencies is known here.”
Does Germany have a cyber army?
“In Germany there is, among other things, the ‘cyber and information space’ of the Bundeswehr”, explains the expert. But this department and the defined tasks serve to defend against, not to attack – at least on paper.
“As far as I know, it has not yet been politically clarified to what extent offensive measures, the so-called hackback, also fall within the remit,” said Morgenstern.
How well is the government protected against hacker attacks?
How well a government or even a company is protected cannot usually be judged from the outside. After all, information on this is kept under lock and key as much as possible. Because if a government revealed how it protects its data, it would be an easier target for potential attackers.
“Both in the area of the BSI, the Federal Criminal Police Office and the Bundeswehr, a lot has been initiated in the area of cyber security in recent years”, explains Morgenstern. However, absolute security cannot be achieved in this way. Because attackers are evolving. According to the expert, they adapt to the conditions they find and try to avoid them.
“This really is the classic game of cat and mouse.” It is important that the German government understands IT security as a process and not as a condition. You have to continuously develop technically, organizationally and personally.
But Morgenstern also says:
“This touches on one of the most critical points: there is a lack of skilled workers. If the government can provide incentives to promote the development of cybersecurity personnel in Germany, both authorities and companies would benefit massively.”
(With material from dpa)