German Air Traffic Control Deutsche Flugsicherung (DFS) has notified that it has fallen victim to a cyberattack. The Deutsche Flugsicherung cyberattack has paralyzed the DFS’s office communications though air traffic was not affected due to the attack. Pro-Russian hacker group APT28, also known as Fancy Bear, is suspected to have executed the cyberattack.
APT-28 is closely linked to the Russian military intelligence service GRU.
Deutsche Flugsicherung Cyberattack in Detail
DFS is based out of Langen near Frankfurt. A spokesperson for air traffic control told the German Press Agency (dpa) that the attack on DFS was discovered last week. The firm sent out an internal office communication that its systems have been affected.
“We are currently in the process of taking defensive measures,” the spokesperson told the media but did not divulge the precise details about the systems affected or the type of defensive measures. However, the DFS stressed that air traffic was not affected and that the operations continued smoothly.
The Role of APT 28
Media reports suggest that the notorious hacker group “APT 28,” also known as “Fancy Bear,” could be behind the cyberattack on the DFS. This group has been closely monitored by security authorities worldwide for years and is considered one of the most active and dangerous cyber actors. The Federal Office for the Protection of the Constitution (BfV) attributes APT 28 to the Russian secret military intelligence service GRU. Since 2004, the group has been involved in cyber espionage, targeting political organizations, media outlets, and government agencies in various countries.
To ascertain the veracity of the claims, The Cyber Express has reached out to the officials of DFS. As of the writing of this news report, no response has been received, leaving the claims of attack by the APT-28 group unverified.
Cybersecurity as a National Challenge
The attack on the DFS underscores the growing threat of cyberattacks on critical infrastructure in Germany. In recent years, hackers have repeatedly exploited vulnerabilities in the IT systems of companies and authorities, resulting in stolen information, paralyzed systems, and economic damage. The fact that the DFS, a central institution for air traffic security in Germany, has become the target of such an attack demonstrates the vulnerability of even well-secured organizations.
Reaction of the Authorities
Following the attack, the security authorities in Germany were immediately informed of the scenario. The Federal Ministry of Transport, which oversees the DFS, declined to provide further information and referred to the DFS itself. The Federal Office for the Protection of the Constitution confirmed the incident and stated that the attack was under investigation. However, due to the ongoing investigations, no further details were released, particularly regarding the potential perpetrators.
It is common practice in such cases to release information sparingly, as early disclosure could jeopardize the investigation. Additionally, disclosing information about the defensive measures used could provide valuable clues to potential attackers.
The suspicion that APT 28 is behind the attack is not unfounded. In recent years, the group has carried out numerous cyberattacks in Europe and North America, often with politically motivated goals. The links to the Russian secret service GRU suggest that such attacks could have not only criminal but also geopolitical motives. Russia has been accused for years of using cyberattacks as part of its asymmetric warfare to influence international affairs and promote political instability.