aviation, Cyberattack on German air traffic control: APT 28 in the crosshairs

La France en Ecosse STAFE Appel a projets 2023 768x1024 1
La-France-en-Ecosse-STAFE-Appel-a-projets-2023

In an increasingly digitalized world, critical infrastructures such as air traffic control are becoming increasingly important targets of cyber attacks. The German Air Traffic Control (DFS), based in Langen near Frankfurt am Main, recently fell victim to such a hacker attack.

The attack, which paralyzed DFS office communications, not only alarmed security authorities but also alarmed the public. While air traffic was not affected, the incident raises serious questions about cybersecurity in Germany, particularly in connection with the suspected involvement of the hacker group « APT 28 », which is closely linked to the Russian military intelligence service GRU.

The attack on the DFS was discovered last week, as a spokesperson for air traffic control confirmed to the German Press Agency (dpa). The system affected was the internal office communication, which is essential for the exchange of information within the organization. « We are currently in the process of taking defensive measures, » the spokesperson continued, without giving precise details of the systems affected or the type of defensive measures. However, the DFS stressed that air traffic was not affected and continued as normal. This underlines the robustness of the air traffic control’s operational systems, which are obviously separate from office communication.

The role of APT 28

Media reports, particularly from Bayerischer Rundfunk, suggest that the notorious hacker group « APT 28 » could be behind the attack. This group, also known as « Fancy Bear », is one of the safest and most efficient users of cyberspace. APT 28 is attributed to the Russian military intelligence service GRU by the Federal Office for the Protection of the Constitution (BfV) and has been involved in cyber espionage since at least 2004. The group has made a name for itself through numerous high-profile attacks, including attacks on political organizations, media and government agencies in various countries.

Cybersecurity as a national challenge

The incident at the DFS underscores the growing threat of cyber attacks on critical infrastructure in Germany. In recent years, hackers have repeatedly exploited vulnerabilities in the IT systems of companies and authorities to steal information, paralyze systems or cause economic damage. The fact that the DFS, a central institution for air traffic security in Germany, has become the target of such an attack shows how vulnerable even well-secured organizations can be.

Reaction of the authorities

After the attack became known, the responsible security authorities were informed immediately. The Federal Ministry of Transport, which oversees the DFS, refused to provide further information and referred to the DFS itself. The Federal Office for the Protection of the Constitution confirmed the incident and stated that the attack was being investigated. However, due to the ongoing investigations, no further details were made known, especially not with regard to the possible perpetrators.

It is not unusual for information in such cases to be released rarely, as accidental disclosure of details could jeopardize the investigation. In addition, disclosure of information about the defensive measures used could provide valuable clues to potential attackers.

The suspicion that APT 28 is behind the attack is not unfounded. In recent years, the group has carried out a large number of cyberattacks in Europe and North America, often with politically motivated goals. The links to the Russian secret service GRU suggest that such attacks could have not only criminal but also geopolitical motives. Russia has been accused for years of using cyberattacks as part of its asymmetric warfare to influence international affairs and promote political instability.

Consequences for the future

The attack on the DFS could have far-reaching consequences for cybersecurity policy in Germany. The federal government has already taken measures in the past to increase the security of critical infrastructures. These include tightening security regulations and creating new institutions to defend against cyberattacks. However, the latest incident is likely to increase the pressure on politicians to take even more decisive measures to prevent such attacks in the future.

It is expected that the DFS and other affected institutions will further strengthen their IT security measures. This could include increased investment in cybersecurity, training of employees and the implementation of advanced defense technologies. Cooperation with international partners in the field of cybersecurity will also become increasingly important in order to be able to effectively ward off global threats.

The cyberattack on German air traffic control is a serious wake-up call for the security of critical infrastructure in Germany. Although air traffic was not affected, the incident shows how vulnerable even centralized institutions can be to such threats. The suspected involvement of APT 28, a group with links to Russian military intelligence, highlights the geopolitical dimension of cyberattacks. In a world where digital attacks are getting worse, governments and companies must intensify their efforts to secure their IT systems to ensure both national security and economic stability.

300bestaviation.com est blog numérique qui compile de multiples infos publiés sur internet dont le sujet de prédilection est « Wiki des avions et de l’aviation ». Cette chronique est produite de la façon la plus complète qui soit. S’il advenait que vous souhaitez apporter des précisions concernant le sujet « Wiki des avions et de l’aviation » vous êtes libre de solliciter notre rédaction. Pour vous tenir informés, ce post à propos du sujet « Wiki des avions et de l’aviation », vous est offert par 300bestaviation.com. Restez connecté sur notre site internet 300bestaviation.com et nos réseaux sociaux dans l’optique d’être au courant des prochaines communications.