A growing number of countries can hack into private computer networks and install malicious software to sabotage another country’s infrastructure, Germany’s domestic spy chief said.
China, Russia and other countries continued to try to break into German companies’ computers to steal valuable industrial information, Hans-Georg Maassen, head of the BfV domestic intelligence agency, told a security conference. But intelligence officials are increasingly worried about so-called “cyber bombs” that could be planted in the network of an unsuspecting company and detonated later.
“In the case of China, Russia, we clearly see measures like espionage, but it could also be sabotage with the goal of attacking companies in Germany — infrastructure firms in the widest sense — at some future point,” Maassen said. “That is a scenario that we view with concern.”
Cyber experts warn that Germany — with its high level of technology expertise — is a particularly attractive target for cyber attackers of all kinds, including state actors. A company could be completely oblivious to a cyber attack that had been used to plant malware — a “cyber bomb”, Maassen said. Then the bomb could shut down power networks, for example, perhaps during a time of geopolitical tension.
He said such attacks could come from a range of countries that have expanded their cyber expertise. In its annual report, the agency cited rapid strides in cyber technology by Iran, although it did not specifically spell out concerns about such sleeper attacks.
Germany is also increasingly concerned that China is seeking to gain dominant positions in key technology sectors by investing in German firms as part of it's larger “Made in China 2025” drive, Maassen said.
“That is a political project in which the government is spending a lot of money, not just to invest, but to buy information for its own technical progress, or to gain a position in specific areas that will make it impossible for others to continue developments there,” he said.
Maassen’s remarks come amid a push by Germany and other European Union states to protect sensitive technologies from Chinese takeovers. In December, the BfV also warned about efforts by China to use fake LinkedIn accounts to recruit German business executives and researchers as spies....