BONN, Germany—It was a cyberattack that showed just how vulnerable Germany’s digital infrastructure truly is. In the summer of 2017, a group of hackers infiltrated NetCom BW, a regional telecommunications provider with about 43,000 subscribers in the state of Baden-Württemberg in Germany’s southwest. Given the company’s modest size, it may not seem like a prime target. But NetCom BW is a subsidiary of EnBW, one of Germany’s biggest power utilities. EnBW is part of what the government regards as its critical infrastructure: companies that operate crucial public services, from electricity to telecommunications to health care.
When news of the breach emerged in mid-May, a spokesperson from EnBW said that the hackers only gained limited access to the provider’s networks for a few minutes before its IT team fended off the incursion. A serious cyberattack on such a provider, by contrast, could’ve caused large-scale disruption.
Still, this near miss provided little comfort. In 2014, a steel mill in Germany suffered severe damage after a cyberattack blocked a blast furnace from powering down properly. In 2015, a group linked to the Russian hackers APT28 pilfered some 16 gigabytes of data from the German parliament—the deepest breach suffered by the government. In March, news broke that authorities had been monitoring an attempted hack of government networks for a few months until word of the operation leaked to the media. According to a report in Süddeutsche Zeitung, the national daily, the hackers managed to access documents dealing with Russia. While those documents were already in the public domain, the malware used by the hackers was powerful and precise, German lawmakers said. Domestic-intelligence officials said there is a “high likelihood” of Russian involvement.