Germany has formally accused China of orchestrating a significant cyberattack against the Federal Office of Cartography and Geodesy (BKG) at the end of 2021, marking a serious escalation in state-sponsored cyber-espionage. The attack, which involved infiltrating the BKG network, was identified through extensive analyses and investigations led by the German Federal Government, with critical support from the Federal Office for the Protection of the Constitution (BfV) and the Federal Office for Information Security (BSI). The cyber operation was traced back to Chinese state actors who exploited compromised end devices from private individuals and companies to obfuscate their activities and facilitate the attack.
Federal Minister of the Interior Nancy Faeser has condemned the cyberattack in the strongest terms, emphasizing the severe threat posed by Chinese state-controlled cyber operations. Faeser highlighted that the attack threatens Germany’s digital sovereignty and called for China to halt its cyber-espionage activities. She lauded the efforts of German security agencies, including the BfV, for their coordinated response and investigation, which led to the identification of the state actors responsible and the implementation of a new law aimed at enhancing national cybersecurity.
In direct response to the breach, the BKG has undertaken a robust overhaul of its information security infrastructure. This comprehensive response includes implementing advanced logging and detection systems, improving IT risk management, and heightening employee awareness of cybersecurity. Following recommendations from the BSI, the BKG has reconstructed its network to ensure the exclusion of the attackers and to fortify its defenses against future intrusions. These measures are part of a broader strategy to restore and enhance the security of critical national infrastructure.
The ongoing threat from Chinese cyber operations remains a concern, as evidenced by subsequent sophisticated attacks detected in 2023 targeting various sectors including companies, governmental authorities, and political institutions. These attacks have been aimed at extracting sensitive information related to Germany’s political decision-making processes and positions. German security authorities anticipate that China will continue to intensify its state-run espionage and cyber influence operations, driven by its strategic goals to advance its industrial and geopolitical interests. The Federal Government and its security agencies remain committed to countering these threats and safeguarding national security.
Reference:
