Russian hackers target German broadcasters
July 27, 2018
A Russian hacking group known as "Sandworm" targeted Germany's two largest public broadcasters, ZDF and WDR, according to German media reports on Friday.
Security officials told German weekly Der Spiegel that hackers had managed to compromise the broadcasters' networks in June. Although the cyberattack was detected relatively quickly, it remains unknown what the group was after or whether any sensitive data was compromised.
ZDF confirmed the attack on Friday, adding that only 10 computers on its network were affected. WDR decline to comment for "security reasons."
Sandworm is a hacking group believed to be run by Russia's military intelligence service, GRU. According to US federal investigators, the group is suspected of also being behind the attack on the US Democrats' computer servers during the 2016 presidential election.
The group first appeared in 2013 and, according to German intelligence, has targeted NATO servers, several western telecom companies and Ukrainian energy suppliers.
Earlier this year, the German government admitted that its computer network had been compromised via a piece of malware. The Russian hacking group APT28 is believed to have been behind the attack.
German intelligence warns key institutions
Germany's intelligence service (BND) had warned two weeks ago of the potential cyber threats facing several key bodies, including the country's public broadcasters and media companies.
The BND also said that the Spiez Laboratory in Switzerland, which specializes in chemical weapons research, was also among Sandworm's targets. Its Swiss lab had been tasked with analyzing the Soviet-era nerve agent Novichok that was used to poison former Russian double agent Sergei Skripal in Salisbury.
A spokesperson for Spiez Laboratory said officials had encountered one phishing attack, sent via a document used in a workshop. However, the institute itself had not been affected.