Federal prosecutors are already investigating a secret army conversation on the Ukraine war that was wiretapped and ended up on Russian social media in March.
The latest security flaw that Zeit Online reported on again concerned the online video-conference tool Webex, a popular public platform for audio and video meetings, with additional security buffers built in.
Zeit Online said it had been able to access Germany army meetings by using simple search terms on the platform.
"More than 6,000 meetings could be found online," some of which were meant to be classified, it wrote.
Sensitive issue covered included the long-range Taurus missiles that Ukraine has been calling for, and the issue of online warfare.
Online meeting rooms attributed to 248,000 German soldiers were easy to detect thanks to weak online design that lacked even password protection, Zeit Online added. That allowed its reporters to find the online meeting room of air force chief Ingo Gerhartz.
His name came up during reports of the earlier leak in March, when a recording of the talks between four high-ranking air force officers was posted on Telegram by the head of Russia's state-backed RT channel. He was one of the four officers recorded.
Zeit Online said that the army only became aware of the security flaws after they approached them for comment. The security issue was first identified by Netzbegruenung, a group of cyber-activists, it reported.
An army spokesman confirmed to AFP that there was a flaw in the army's Webex sites but that once it had been drawn to their attention they had corrected it within 24 hours.
"It was not possible to participate in the videoconferences without the knowledge of the participants or without authorisation," he added. "No confidential content could therefore leave the conferences."
Zeit Online said the Webex sites of Chancellor Olaf Scholz as well as key government ministers had the same flaws and that they had been able to connect to Scholz's site on Saturday.
French lawmakers sound alarm over alleged Chinese hacking
Paris (AFP) May 3, 2024 -
A group of French parliamentarians has sounded the alarm over what they say is an inadequate government response to cyberattacks targeting their computers and attributed to China.
The seven deputies and senators said they received virus-infected emails in 2021 sent by a hacker group called APT31, which several countries, including the US and Britain, believe to be linked to the Chinese government.
Their concerns emerged ahead of a state visit to France by Chinese President Xi Jinping, beginning with his arrival on Sunday, part of Beijing's efforts for deeper political and economic ties in Europe to counterbalance difficult relations with Washington.
"We are clearly faced with wide-ranging foreign interference by China," said Olivier Cadic, a centrist member of the French Senate.
The seven targeted parliamentarians all belong to the Inter-Parliamentary Alliance on China (IPAC), an international non-profit body for legislators who see China's policies as a threat to democratic values.
The French parliamentarians only discovered they had been hacked in March of this year after the US Justice Department indicted seven Chinese nationals "associated with the Chinese government" for sending malicious emails to US and foreign critics of China, including IPAC members.
Ex-senator Andre Gattolin, a former co-president of IPAC's French branch, said the US indictment was proof that a "Trojan Horse"-type email he received in 2021 came from the Chinese hacker group.
"At the time I was writing an extremely sensitive report about foreign interference in universities and research," he said.
But when he asked France's National Agency for the Security of Information Systems (ANSSI) to investigate further, "I couldn't get anybody's attention" there, nor at the anti-espionage agency DGSI, he told AFP.
He filed a police complaint last month, and IPAC got in touch with US law enforcement agency FBI which, he said, told them that they had informed the French authorities of their suspicions as early as 2022.
"But nobody told us anything," Gattolin said.
"I would like to understand why I wasn't alerted before," added deputy Anne Genetet.
The handling of the case by French authorities was "lightweight", she told AFP.
"It's unimaginable that I am the only National Assembly member this has happened to," she said.
The Paris prosecutors' office declined to comment on the case when contacted by AFP.
"I am concerned about how China's actions are met with complete silence," said Gattolin. "We may as well let Chinese spies walk right into our offices."
Asked in the Senate on Tuesday about the matter, government spokeswoman Prisca Thevenot said French services "are paying close attention" to APT31, "including under legality aspects".
But Cadic said such statements were insufficient. "We're dealing with an open official attack, and the authorities know it," he said. "What has been done to us is an act of war."
Related Links
Cyberwar - Internet Security News - Systems and Policy Issues
| Subscribe Free To Our Daily Newsletters |
| Subscribe Free To Our Daily Newsletters |
