Bundestag election: Microsoft warns of cyberattacks and disinformation

Two and a half months before the planned Bundestag election date, there is great excitement: 82% of Green Party supporters, three quarters of all SPD, CDU/CSU and Left Party supporters and a good half of all AfD supporters believe that there is a risk of all kinds of attempts to influence the Bundestag in the run-up to the early Bundestag election on February 23. Politically, this is already a foregone conclusion, but formally it will only be initiated after Chancellor Olaf Scholz loses a vote of confidence, which is scheduled for December 17.

"State actors and certain interest groups are trying on a grand scale to influence the outcome of democratic elections in their favor through disinformation campaigns," warns Ralf Wigand, National Security Officer at Microsoft Germany. "This danger must also be clearly seen for Germany."

This warning from Microsoft should also come in light of the fact that it was a Microsoft product, Outlook for Windows of all things, in which a security vulnerability was exploited to attack the SPD party headquarters in January 2023 - the company is therefore rather unintentionally familiar with the scenarios in Germany.

Authorities warn of attempts to exert influence

The Federal Office for the Protection of the Constitution had already issued a public warning last week - but also emphasized: "It is not possible to reliably predict which intelligence and security-threatening activities will ultimately occur in the context of the election to the 21st German Bundestag."

The Federal Office for Information Security is also actively warning against groups that are "illegitimately trying to exert influence", as BSI President Claudia Plattner told Deutschlandfunk radio. Webinars are currently being held with political parties and celebrities to train them in self-protection measures. Technically, the election is not at risk due to the analog implementation.

Companies, administration and politics see significant room for improvement in protection

Microsoft also surveyed company managers who currently see a high risk of cyber attacks. Almost half of the companies believe they are adequately protected against attacks, while a third believe their protection is poor or very poor. According to Microsoft Germany, decision-makers in politics and administration who were also surveyed view the situation even more critically: 9 out of 10 respondents stated that Germany's critical infrastructure is threatened by state-supported cyber attacks from abroad. Half of them considered this risk to be very high.

However, it is doubtful that this is directly related to the Bundestag elections. Indirectly, however, the Bundestag election also plays a role here: after the traffic light coalition lost the yellow phase, an update for the BSI Act is stuck in the Bundestag with the NIS2 Implementation Act, which aims to oblige operators of critical systems to take more protective measures. The CDU/CSU parliamentary group expects the SPD and the Greens to make concessions in terms of content - until then, the law cannot be approved. However, the law is largely an implementation of EU legislation -- which should have been transposed into German law in October.

(fds)