Faeser wants to expand the BKA's powers for cyber defense
Germany's Interior Minister and the Federal Office for the Protection of the Constitution are worried about cybersecurity, new office is to detect disinformation
Thomas Haldenwang and Nancy Faeser on the presentation of the 2023 Report on the Protection of the Constitution.
(Image: BMI / Henning Schacht)
Federal Minister of the Interior Nancy Faeser (SPD) intends to present a draft law shortly to strengthen digital security. Faeser said this at the presentation of the annual report of the Federal Office for the Protection of the Constitution (BfV). The office responsible for counterintelligence and the Interior Minister have identified China, Russia and Iran as the main attackers. A new office in the BMI is to help identify disinformation campaigns.
A "massive hybrid threat" emanates from Russia, said Federal Minister of the Interior Nancy Faeser this morning at the presentation of the BfV's annual report in Berlin. The threat to democracy through espionage, sabotage, disinformation and cyber attacks had reached a "new dimension", said the SPD politician. The attack on the CDU was a "serious cyberattack". "These attacks are aimed at shaking confidence in our democracy." Maximum sensitivity is needed in all areas, especially in the area of critical infrastructure. President of the Office for the Protection of the Constitution Thomas Haldenwang warned that attacks on "high-value targets" such as individuals, parties, organizations, companies and critical infrastructure are to be expected.
Faeser wants to give the BKA more powers
In addition, cyber defense must be strengthened, Faeser said. The legal powers for this must be expanded. Specifically, she is referring to extended powers for the Federal Criminal Police Office (BKA): "No aggressive powers to strike back", but the BKA should become more capable of acting. Faeser was alluding to the debate on "active cyber defense" - and in particular the debate on so-called hackbacks, i.e. offensive operations in the criminal infrastructure. The BKA in the past stated that, from the BKA's point of view, it is about shutting down botnets and patching compromised end devices as well as infrastructure used by attackers.
In the 2023 constitutional protection report, Russia, China and Iran are identified as the main perpetrators of cyberattacks. Haldewand referred to the attack on the SPD at the turn of the year 2022/2023, in which attackers used a zero-day gap in Microsoft Exchange. The German government officially attributed this attack to Russian attackers at the beginning of May. Federal Minister of the Interior Nancy Faeser (SPD) did not want to claim liability for software manufacturers in this context on Tuesday.
Attack on CDU: BfV expects further victims of the Check Point gap
Haldenwang did not want to comment in more detail on the attack on the CDU based on the loophole in Check Point Security. However, it was helpful that the BfV and the Federal Office for Information Security (BSI) were involved "very early on after the cyber attack was discovered". Together with the Federal Office for Information Security, his agency had managed to notify many of the affected institutions.
The BfV assumes that the majority of its systems have now been secured. However, Haldewand expects further victims as a result of the security breach. Last week, the figure of 1800 vulnerable systems in Germany was mentioned.
Propaganda occupies constitutional protectors and interior minister
The BfV and the Ministry of the Interior are not only concerned with IT security, but also with the use of the internet for propaganda purposes. State and state-affiliated actors spread propaganda and fake news on many channels, said Haldenwang. There are intensive efforts to strengthen cooperation with platforms such as Telegram. Haldenwang believes that cooperation is on the right track, "but there is still a lot of room for improvement in the self-regulation of these media."
In this context, Faeser referred to the incipient effectiveness of the Digital Services Act (DSA). The platforms must also fulfill their voluntary commitments.
Unit should now recognize external campaigns at an early stage
In the fight against foreign disinformation, the BMI began setting up a "Central Office for the Detection of Foreign Information Manipulation" at the beginning of the month. "We are using technical means to monitor which disinformation campaigns are coming in via the internet, what is being fed in and what is being amplified," Faeser explained the aim of the new unit. It is intended to bring together the various findings from the different ministries. For now, the Minister of the Interior did not reveal exactly how this is to take place. The aim of the central unit is to "work with a team of 20 people in the areas of monitoring and analysis", according to government circles. The aim is to identify narratives and actions at an early stage.
The Central Office for the Detection of Foreign Information Manipulation will neither issue public warnings nor actively take action against them, but will work with the German government. Haldenwang assured that his agency would make its findings available to the new office.
Before the European elections, there were fears that foreign actors, such as those from Russia, could spread disinformation in a targeted manner. There has been no evidence of major campaigns of this kind in Germany, although the so-called doppelganger campaign was uncovered in January.
(olb)
