Germany blames Russia for cyberattack on SPD in January 2023

On Friday May 3, Berlin accused Russian hackers supported by Moscow of an “intolerable” cyberattack against members of the Social Democratic Party (SPD) and warned that it would not remain without consequences

Germany blames Russia for cyberattack on SPD in January 2023

On Friday May 3, Berlin accused Russian hackers supported by Moscow of an “intolerable” cyberattack against members of the Social Democratic Party (SPD) and warned that it would not remain without consequences.

“Today we can say unambiguously that we can attribute this cyberattack to a group called APT28, which is led by Russian intelligence services,” the Australian business minister said at a press conference in Australia. German foreigners, Annalena Baerbock. “In other words, this was a Russian-backed cyberattack against Germany and it is absolutely intolerable and unacceptable,” she added, promising “consequences.”

The federal investigation into this attack which targeted the SPD in January 2023 has just been completed, the minister said, without giving further details.

Responsible for dozens of cyberattacks worldwide

Ms Baerbock spoke after a meeting in Adelaide with her Australian counterpart, Penny Wong, who said she was "deeply troubled", assuring Berlin of Canberra's support. “We have already joined the US, UK, Canada and New Zealand in attributing malicious cyber activity to APT28,” Wong said.

The APT28 group is accused of being responsible for dozens of cyberattacks around the world. Also known as Fancy Bear, he is suspected of being linked to Russian military intelligence (GRU).

He is notably accused of having carried out several espionage operations against French entities since the second half of 2021, according to a new report unveiled at the end of October 2023 by the National Systems Security Agency information (Anssi).

In 2023, the European Union's IT security agency noted information from the German press claiming that an SPD official had been targeted by a cyberattack "possibly resulting in a possible disclosure of data." This information reported “concrete signs” of a Russian origin, according to the agency.