Germany's main opposition party hit by ‘serious’ cyberattack

Germany’s leading opposition party, the Christian Democratic Union (CDU), was hit by a large-scale cyberattack over the weekend.

The German Interior Ministry (BMI) said in a statement on Saturday that the authorities are “working intensively to ward off the attack, investigate it, and prevent further damage.”

“Our security authorities have ramped up all protective measures against digital and hybrid threats and are informing people about the dangers,” the BMI added.

The agency didn’t provide any details about the attack — except that it was “serious” — and didn’t disclose who they suspect was behind it or what damage it caused to the CDU’s networks.

In a comment to Reuters, the ministry’s spokesperson said that the manner in which the attack was carried out “points to a very professional actor.”

The CDU said in a separate statement that it has taken down and isolated parts of its IT infrastructure as a precautionary measure, several German media reported. The party’s website is up and running as of the time of writing.

All parties in the German Bundestag were warned about the attack, BMI said. Anonymous sources inside the government told the German news website Der Spiegel that they are taking this incident “very seriously.”

“Whoever carried out this attack sees the CDU as a threat to their interests,” CDU politician Mario Voigt told German media. The party is working closely with German security authorities and other external security experts.

The incident comes just ahead of the European Parliament elections and follows public disclosure of another major attack on a German political entity — the Social Democratic Party (SPD) — which was attributed to Russian state-controlled hackers known as APT28.

In response to the attack, Germany summoned its ambassador to Russia back to Berlin to discuss the incident. Russia "categorically rejected" allegations of its involvement in the hack, calling them "unproven and unfounded."

In an interview with Recorded Future news last week, German cyber ambassador Regine Grienberger said that Berlin is preparing to use the "European cyber diplomacy toolbox" in response to the SDP breach.

Germany is observing a steep increase in cyberattacks originating from both state actors and cybercriminals linked to Russia, according to Grienberger.

Russian ransomware gangs are attacking the country’s private companies as well as public services "basically every day or every week," she said. Kremlin-backed state hackers are also targeting the country’s critical infrastructure and government institutions. 

"There’s a constant level of alert" in Germany in relation to cyberattacks, according to Grienberger. 

"No time to relax," she said.