The head of Germany’s domestic intelligence agency has said his country should be prepared to actively counter cyber-attacks in the future rather than focus solely on protecting its digital infrastructure.
“We think it’s essential that we don’t just act defensively, but that we are also able to attack the enemy so that he stops continuing to attack us in the future,” Hans-Georg Maassen told the German news agency dpa.
The terrorist attack on a Christmas market in Berlin and fears of Russian interference in September’s federal elections following US claims of Moscow-led meddling last year have triggered a bout of soul-searching over the competence and powers of Germany’s intelligence and police agencies, which were widely decentralised in response to the abuses of the Nazi era.
Maassen, the president of the Federal Office for the Protection of the Constitution, complained that his agency was not authorised to delete files that had been stolen or copied and stored on an external server. “Thus we have a high risk that the damage will increase, because third parties as well as the culprit can access the data,” he said.
The spy chief also called for clearer regulation allowing his agency to “disable attack structures that pose a grave threat to our cybersecurity”. Germany’s domestic intelligence agency says it has noted a significant increase of so-called spear-phishing attacks in recent months, in which hackers send spoof emails to a specific organisation with view to obtaining confidential data.
In 2015 Germany’s parliament had to reboot its IT infrastructure after hackers gained access to the Bundestag’s internal network.