1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites
PoliticsGlobal issues

Germany demands EU cyber sanctions over Russia hacking

July 12, 2020

Berlin has officially called for the use of a new EU sanctions framework to target Russian individuals following the 2015 hack attack against the German parliament's IT system, an inquiry has revealed.

A hand with a Russian flag reaches out over a screen displaying computer code
Image: picture-alliance/Bildagentur-online/Ohde

The German government has officially proposed that the European Union impose sanctions on Russian individuals responsible for a large-scale hacking of the Bundestag five years ago, the German Press Agency reported Sunday.

If agreed, the plan, which was recommended by Berlin last month, would be the first use of an EU cyber sanctions regime adopted in 2017.

The details of the proposals were revealed in response to a parliamentary inquiry filed by Germany's socialist Left Party and reviewed by the news agency.

The German government believes Russian intelligence was behind a 2015 network hacking in which an estimated 16 gigabytes of data, documents, and emails were siphoned off from the Bundestag's IT network, including thousands of emails from Merkel's Bundestag office. 

It was the largest cyber hacking ever carried out against the Bundestag.

Read more: Opinion: The Bundestag is a victim of its own naivete

German government defends proposal

In May, Germany's attorney general issued an arrest warrant against Russian citizen Dmitry Badin, who is "strongly suspected of being responsible" for the attack and who is a "member of the group APT28," the response to the inquiry said. 

Germany also believes a hacker from the Russian military secret service GRU was involved.

On June 3, 2020, the government "substantiated sanction proposals within the EU framework by presenting a comprehensive package of evidence based on the results of German investigative authorities and on intelligence information as well as publicly available sources."

This information was sent to the other EU member states for consideration. A decision from the bloc is still pending.

The government response confirms that Germany followed through on threats made to Russian Ambassador Sergei Nechayev in May after the arrest warrant for Badin was issued. 

Cyber-attacks – how companies can defend themselves

05:01

This browser does not support the video element.

Left says 'no evidence' of Russian government involvement

"It may be that Russian citizens are behind the 'Bundestag hack', but perhaps it's a false clue intended to throw off the scent. In any case, to this day there is no evidence of Russian government involvement in the hacking attack," said Andrej Hunko, spokesman for European policy for the Left Party's parliamentary group.

Hunko is opposed to the sanctions proposal.

Read more: Was Russia behind 2015's cyber attack on the German parliament?

Following an earlier investigation from Germany's Federal Prosecutor General, Chancellor Angela Merkel had made reference to "hard evidence" of Russian involvement in an "outrageous" operation. 

In 2017, the European Council developed a framework for a joint EU diplomatic response to malicious cyber activities, known as the "EU Cyber Diplomacy Toolbox."

This framework is aimed "at individuals or groups, not states," the German government stressed in its response.

In terms of the 2015 attack on the Bundestag, the response said, "The federal government assumes that a danger continues to emanate from the originator."

Skip next section DW's Top Story

DW's Top Story

Skip next section More stories from DW