It didn’t take long for hacks to hit the headlines with both the Australian and German governments being impacted by different incidents in the space of just four days.
In Germany, the personal details of hundreds of German politicians, celebrities and journalists have been leaked online. Private messages, family photos, political activity, photo IDs, credit card details and more – deeply compromising stuff. The one common thread is that the AfD was the only party not to have been affected. (So far anyway.)
So why did what is possibly Germany’s biggest-ever breach take weeks to come to light?
The breach seems to have occurred several weeks ago, as a Twitter account with 17,000 followers was reportedly posting the leaked data in the form of an advent calendar in the run-up to Christmas.
According to the Bild newspaper, all of the stolen data dates back to before October 2018, but it is not clear when the attack began. This raises the question of why the breach was not detected sooner. So far it is also unclear how the data was stolen.
This latest incident is not the first time the German government has been targeted by hackers. In November last year, it was reported that a suspected Russian hacking group had launched cyber attacks on the email inboxes of several members of the German parliament. Prior to that in 2015, the Russian hacker group ‘Fancy Bear’ was blamed for an attack on the parliament as well as several NATO members and eastern European governments.
The string of incidents has raised questions about the German government’s network security, and this latest breach could lead to an increase in spear phishing campaigns against those affected.
“While such attacks tend to grab the headlines, due to the sensitivity of the information stolen and from whom it was taken, their success invariably relies upon the victim's inability to carry out mundane tasks such as network patching and configuration, or the other controls espoused by the UK Cyber Essentials Scheme. In other words, while the headlines imply a degree of sophistication, the attacks are often relatively unsophisticated and would have been defeated by basic cyber hygiene. Barriers to cyber hygiene tend to fall into two broad categories: scale (the victim organisation is very large, which makes effective defence difficult) or ignorance (often when the victim is small or has never considered themselves to be a target),” said David Carroll, CEO of XQ Cyber.
The German breach follows hot on the heels of an attack on the Australian government that led to hackers gaining access to the details of 30,000 government employees.
The breached data contained work emails, job titles, work phone numbers and personal mobile numbers. According to reports, the breach is thought to have been the result of a successful phishing campaign.
Watch this space for the next round of high-profile hacks…