The attacks would continue. In the first half of 2016, the BSI recorded more than 400 hacks a day on government networks that could not be recognized by commercial malware software. Roughly one a week could be linked to a foreign-intelligence agency.
Meanwhile, the specter of “black propaganda”—trolls, social media bots and fake news used to wage disinformation campaigns—also looms large. In January 2016, Russian media reported the alleged rape of a 13-year-old Russian-German girl by a group of refugees in Berlin. She had fabricated the attack, she later admitted, but not before Russian-Germans took to the streets in protest and Sergei Lavrov, the Russian foreign minster, had accused Berlin of covering up the story. Earlier this year, after the Social Democratic Party’s Martin Schulz announced his candidacy for chancellor, a story claimed his father had been a concentration camp guard—also untrue. It briefly made waves but was easily discredited.
In August, SNV led a study into the impact of fake news, examining a test case involving prominent evangelical leader Margot Käßmann. The AfD claimed that Käßmann, speaking at a church assembly event in Berlin in May, had said that any citizen with two German parents and four German grandparents was a neo-Nazi. Her words had been taken out of context and manipulated. Still, the story spread rapidly on right-wing media, Facebook, and Twitter. It was shared and posted more than 27,000 times in the days following. Major media outlets debunked the story within two days, but there was far less interest in the correction. The conclusion: Germans, too, are vulnerable to false stories.
Even so, Heumann of SNV argued that disinformation campaigns require a deeply polarized society to really flourish and Germans are still far less divided than Americans. The German media are an important watchdog, and they expect a hack or leak. A majority of Germans still trust traditional print and broadcast outlets.
“If the mainstream media immediately frame these stories in the context of disinformation, announcing it could be a hack and we need to be careful, far fewer Germans would share it and be vulnerable to being influenced,” Heumann said.
Weeks after the U.S. election last November, Merkel invited a data scientist to brief her cabinet on the dangers of bots, trolls, and fake news in shaping voters’ opinions. In June, the Bundestag approved a law aimed at corralling fake news and hate speech by forcing social networks like Facebook and Twitter to delete criminal content—hate speech, defamation, and incitements to violence—within 24 hours, or face massive fines. The Interior Ministry is considering forming a new agency to combat fake news. The government has directed significant resources towards cyber security; in addition to the BSI and the BfV, the military has also added a cyber command team. Seven government bodies, including the intelligence agency, have banded together to create a joint cyber-defense center.
Yet it is also the cornerstones of Germany’s democracy—its institutions, its consensus politics, and its social cohesion—that have become the target of hackers looking to sow discord; these could prove far more difficult to protect.
“Campaigns are at the heart of our democracy and they need to be out in the public,” Heumann said. “We need to have a broader debate and think about the boundaries of what’s acceptable, and what practices further undermine our democracy that we should not allow.”