Eight months after the nation's chancellor accused China of information attacks, Germany now faces criticism over its intelligence agency's use of software designed to spy on other countries' officials. The latest incident, which began in June 2006, involved Germany's intelligence agency -- the Bundesnachrichtendienst (BND) -- launching an information attack against the Ministry of Commerce and Industry of Afghanistan, ostensibly an ally, according to media reports. Using a Trojan horse, the intelligence agents were able to read an Afghan government official's e-mail, including his correspondence with a reporter working for the German news magazine Der Spiegel, and data stored on the compromised PC's hard drive. The German Constitution protects the secrecy of telecommunications, but BND's legal counsel concluded that, because the messages were stored communications, they did not fall under the constitutional protection, Der Spiegel reported. The operation ended on November 2006, when a whistleblower sent a letter to his superiors warning of the surveillance, the magazine reported. In February 2008, an anonymous BND employee notified two members of Germany's parliament of the intelligence agency's wiretapping activities. The incident only recently came to light during a Parliament hearing two weeks ago. German's Interior Minister Wolfgang Schaeuble raised the specter of terrorism during a TV interview to defend the cyber-espionage tactics as necessary. "It's about a few isolated cases," he said, according to an Associated Press report. (Source: Securityfocus) The article from The Spiegel mentioned some interesting parts
Let take a trip back in time. In September, Germany accused China of cyberespionage. Now it seems that Germany was also using Trojans to eavesdrop on the communication of other countries. It's excuse? The war on terror!
It all began in a small unit in the BND's Division 2. The department is responsible for "technical procurement" -- in other words, obtaining information with technical means, which mainly involves the wiretapping of telecommunications, called "signals intelligence" in industry jargon. In 2006, Division 2 consisted of 13 specialist departments and a management team (Department 20A), employing about 1,000 people. The departments are known by their German acronyms, like MOFA (mobile and operational telecommunications intelligence gathering), FAKT (cable telecommunications intelligence gathering) and OPUS (operational support and wiretapping technology).In early June 2006, the OPUS team in department 26E launched an intelligence attack against Afghanistan. The details could have been taken from a Hollywood thriller, and the scope of the operation was far greater than has been revealed to date. According to the BND's secret allocation of responsibilities, OPUS is in charge of "technical and operational attacks on IT systems," a more or less accurate description of its agents' work.
So you see, not only China has a cyberintelligence division.
- Another example of an targeted attack: Tibet protests. (UPDATED)
- Collection of information on Cyberwarfare and the recent targeted attacks (updated)
- Targeted attacks might be using office 0-day
- Targeted attack on US nuclear arms lab succeeded
- The USCC report about chinese espionage
- Stopping targeted attacks, why signatures are not enough anymore
- World's first Cyber Coldwar soon in a theater near you
Security4all Blog
Twitter
Slideshare
Facebook
Digg
Flickr
0 comments:
Post a Comment