The hacker attack on the servers of the Christian Democratic Union (CDU) party, that came to light over the weekend, was more serious than previously thought, German ‘Der Spiegel’ weekly has revealed.
The hackers managed to gain access to some critical data, sources within the party told the weekly.
“Furthermore, they had access to the party network and moved around it without being detected for at least 14 days,” ‘Der Spiegel’ reported on Tuesday.
There has been no official statement issued as to who may have been responsible for the attack.
“But due to the professional approach and effort put into covering the tracks, several people acquainted with earlier investigations currently assume that it may have been a group acting on behalf of the Chinese state,” the weekly reported.
According to the weekly’s sources, the hackers used a vulnerability in the security systems of Check Point, whose software the CDU uses to protect its networks.
Last week, Check Point issued a warning about the existence of a critical vulnerability in the security features of several of their products. These were used to carry out so-called ‘zero-day exploits’ which take advantage of vulnerabilities that have not been identified upon release and to which no patches have yet been created.
“Furthermore, they had access to the party network and moved around it without being detected for at least 14 days,” ‘Der Spiegel’ reported on Tuesday.
There has been no official statement issued as to who may have been responsible for the attack.
“But due to the professional approach and effort put into covering the tracks, several people acquainted with earlier investigations currently assume that it may have been a group acting on behalf of the Chinese state,” the weekly reported.
According to the weekly’s sources, the hackers used a vulnerability in the security systems of Check Point, whose software the CDU uses to protect its networks.
Last week, Check Point issued a warning about the existence of a critical vulnerability in the security features of several of their products. These were used to carry out so-called ‘zero-day exploits’ which take advantage of vulnerabilities that have not been identified upon release and to which no patches have yet been created.
The cyberattack on the CDU servers was “the most serious attack against IT infrastructure that a political party in Germany has ever experienced,” Friedrich Merz, the party’s leader, said during the party’s electoral campaign event held in Potsdam near Berlin on Monday evening.
German security services have for months warned of an increased threat of cyberattacks carried out for political ends, with reasons for such actions by hostile actors given as the upcoming elections to the European Parliament as well as local elections in several of Germany’s federal states.
German security services have for months warned of an increased threat of cyberattacks carried out for political ends, with reasons for such actions by hostile actors given as the upcoming elections to the European Parliament as well as local elections in several of Germany’s federal states.
Source: Der Spiegel via PAP
More In Politics MORE...