A German government investigation, led by the Foreign Ministry, found that Russian hackers with state support targeted the Social Democratic Party in the governing coalition.
Germany accused Russia’s military intelligence service, the GRU, on Friday of being behind a 2023 cyberattack that targeted the Social Democrats (SPD).
NATO member Germany has been among the Western nations providing military support to Ukraine as it fights a Russian invasion and there have also been recent accusations of increased espionage.
In June 2023, the SPD announced that cybercriminals had targeted email accounts belonging to its executives earlier that year.
…
“Today we can say unambiguously… we can attribute this cyber attack to a group called APT28, which is steered by the military intelligence service of Russia,” she told a news conference during a visit to Australia.
APT28 is also known as Fancy Bear and is controlled by Russia’s GRU military intelligence service. It has been accused of dozens of cyberattacks around the world.
Russia’s trying super hard to re-occupy Germany, isn’t it?
Russia is doing anything it can come up with to destabilize the world, especially in countries where Ukrainian aid is coming from.
That’s exactly it and it’s why I have enjoyed the last 2+ years of pushing my clients’ cybersecurity to new levels. Every time I get one of them to plug a gap it’s another tiny blow to Russia’s efforts.
Could you give me some hints how to better secure my little company’s network?
As I don’t have many people accessing it, I’m currently hiding behind WireGuard, to be able to access my office network remotely. But I’m mostly relying on the safety of WireGuard here and I’m not sure what to do to step this up a little bit. Would be nice to like authenticate with a YubiKey and password to access WireGuard - although the solution needs to work on mobile (Android) and PCs (Linux).
Or maybe a completely different solution I’m not thinking about… Don’t want to give you much work here. I’d already be happy with some keywords, so I have some approaches to look into.
Thanks :-)
It’s hard to give tips without knowing your situation better, but here are a few general ones that probably already set you apart from the vast majority of other small companies:
- Keep your stuff updated, especially when there are security fixes available
- Don’t take convenience shortcuts that compromise on security (e.g. relying on “security through obscurity”)
- Block incoming traffic by default (you only need some people from your country to access the network? Maybe even block IP ranges from the other side of the world)
- Log access to your network and also analyse the logs often (probably with the help of some software)
I’m just some Software Engineer with a few years of experience, not some security expert though 😅
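One way to combine the "block incoming traffic by default" and "analyse the logs" tips above, as an added example that is not part of the thread: a small script that summarises what a default-drop firewall rejected and flags sources probing several closed ports. It assumes Linux netfilter kernel-log lines tagged with a hypothetical `fw-drop: ` prefix; the sample lines, addresses and the `min_ports` threshold are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in the Linux netfilter kernel-log format. The
# "fw-drop: " prefix is an assumed log prefix set on the default-drop rule.
SAMPLE_LOG = """\
May  3 10:00:01 gw kernel: fw-drop: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.2 LEN=60 PROTO=TCP SPT=40112 DPT=22 SYN
May  3 10:00:02 gw kernel: fw-drop: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.2 LEN=60 PROTO=TCP SPT=40113 DPT=23 SYN
May  3 10:00:02 gw kernel: fw-drop: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.2 LEN=60 PROTO=TCP SPT=40114 DPT=3389 SYN
May  3 10:00:03 gw kernel: fw-drop: IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.2 LEN=60 PROTO=TCP SPT=40115 DPT=445 SYN
May  3 10:05:10 gw kernel: fw-drop: IN=eth0 OUT= SRC=198.51.100.9 DST=198.51.100.2 LEN=60 PROTO=TCP SPT=51000 DPT=22 SYN
May  3 10:05:40 gw kernel: fw-drop: IN=eth0 OUT= SRC=198.51.100.9 DST=198.51.100.2 LEN=60 PROTO=TCP SPT=51001 DPT=22 SYN
May  3 10:06:00 gw kernel: fw-drop: IN=eth0 OUT= SRC=192.0.2.44 DST=198.51.100.2 LEN=84 PROTO=ICMP TYPE=8 CODE=0
May  3 10:06:05 gw sshd[812]: Server listening on 10.0.0.1 port 22.
"""

FIELD = re.compile(r"\b(SRC|PROTO|DPT)=(\S+)")

def summarize_drops(log_text, prefix="fw-drop: "):
    """Map source IP -> set of (protocol, destination port) pairs that were dropped."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        if prefix not in line:
            continue  # not a firewall drop entry
        fields = dict(FIELD.findall(line))
        if "SRC" not in fields:
            continue  # malformed entry, nothing to attribute
        dpt = fields.get("DPT", "")
        port = int(dpt) if dpt.isdigit() else None  # ICMP has no port
        seen[fields["SRC"]].add((fields.get("PROTO", "?"), port))
    return dict(seen)

def flag_scanners(summary, min_ports=3):
    """Sources that hit at least min_ports distinct closed protocol/port pairs."""
    return sorted(src for src, hits in summary.items() if len(hits) >= min_ports)

if __name__ == "__main__":
    summary = summarize_drops(SAMPLE_LOG)
    for src, hits in sorted(summary.items()):
        print(src, sorted(hits, key=str))
    print("multi-port probes from:", flag_scanners(summary))
```

Repeated drops on a single port (the second source in the sample) are counted once, so a misconfigured client is not reported as a scan.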