Germany summons Chinese ambassador over cyberattack on cartography agency

Avatar

German authorities on Wednesday said that a Beijing-backed threat actor was behind a cyberattack three years ago on the country’s state cartography agency, and summoned the Chinese ambassador to Berlin for further discussions.

The action represents the first time that Germany summoned China’s ambassador since the Tiananmen Square crackdown in 1989, Germany’s foreign ministry spokesperson Sebastian Fischer said during a press briefing.

It also follows an incident in May, when Germany recalled its ambassador to Russia following alleged Moscow-backed cyberattacks targeting the country’s defense, aerospace and IT companies, as well as the German Social Democratic Party.

According to an investigation by German security services, the goal of the attack on the country’s Federal Agency for Cartography and Geodesy (BKG), carried out at the end of 2021, was espionage, the country’s interior ministry (BMI) said in a statement on Wednesday.

The cartography agency “performs an important function for a variety of government and private sector institutions, including in the area of critical infrastructure,” BMI said. For example, it provides current, official geodata from Germany and supports the development of geodata infrastructure.

German state officials strongly condemned the attack.

“This serious cyberattack shows how great the danger is from Chinese cyberattacks and espionage. We are resolutely opposed to these threats,” German interior minister Nancy Faeser said in a statement. “We call on China to refrain from and stop such cyberattacks. These cyberattacks threaten the digital sovereignty of Germany and Europe.”

According to an investigation into the incident, the unnamed China-linked hacker group “compromised end devices belonging to private individuals and companies in order to use them for the attack.”

Following the attack, the BKG “took a comprehensive set of measures” and “significantly improved its level of information security,” the interior ministry said.

German authorities warned that Chinese state actors pose a serious threat to organizations in Germany and Europe. BMI said that in 2023, suspected state-controlled Chinese cyber actors carried out targeted cyberattacks on the country’s companies, authorities, private individuals and political institutions.

The alleged goal of these campaigns was to obtain information about “political opinion-forming and decision-making processes as well as positions of the federal government on issues of German and European foreign policy with an impact on the Chinese state.”

German authorities claim that the approach of the Chinese cyber espionage actors “underwent a significant qualitative and quantitative development, enabling a previously unseen reach and effectiveness to be achieved.”

Earlier in April, three people were arrested in Germany on suspicion of spying for China and arranging to transfer information on technology with potential military uses. In July, Germany said that it would bar the use of critical components made by Chinese companies Huawei and ZTE in core parts of the country’s 5G networks.

CybercrimeGovernmentNation-stateNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 

Total
0
Shares
Previous Post

Germany summons Chinese ambassador over cyberattack on cartography agency

Next Post

Pharma giant Cencora says personal health data leaked during February cyber incident

Related Posts

North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn

The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period. These findings come from Microsoft, which said that multiple threat activity clusters with ties to the country have been observed creating fake profiles on LinkedIn, posing as both
Avatar
Read More