‘We are not at war, but we’re not at peace either,’ warns German cyber chief

Not even the head of the German military’s Cyber and Information Domain Service (CIR) is immune to getting those irritating phishing emails that tell you the anti-virus protection you never signed up for is about to expire.

You would think hackers would be a little more sophisticated — given the potential target.

Vice-Admiral Thomas Daum said he deleted three of the patently obvious lures from his personal email account on Thursday.

“I think I’m in the position to understand what’s the risk in pressing the wrong button,” said Daum, who spoke exclusively to CBC News during his visit to Ottawa.

It is, however, a perfect illustration of the relentless challenge his country, its military and, by extension, other allied nations face as adversaries such as Russia, China, Iran and North Korea ramp up cyberattacks.

“We are not at war, but we’re not at peace either,” he said.

Daum is in Ottawa for meetings at the Canadian military’s cyber command and with senior defence officials.

While he may know what button to not press, others don’t.

WATCH | How AI is fuelling cyberattacks:

AI can make cyberattacks faster and smarter

A new EY report suggests AI will become a major force behind cybercrime in 2026 as programs help attackers hone their scamming skills.

A published report in Germany last March outlined how Russian state hackers conducted a targeted phishing campaign on the Signal messenger app.

The attack successfully hijacked the account of a former German foreign intelligence vice president. This campaign was used to distribute malware to high-ranking contacts across the European defence and security sector.

As both Germany and Canada embark on a major rearmament campaign, Daum said his country has witnessed an increase in supply chain attacks on its defence industry and supporting companies.

Over a two-year period, one of Germany’s biggest and best known defence contactors, Rheinmetall, which makes armoured vehicles, including Leopard tanks, was breached in a ransomware attack.

The full-scale impact was revealed in 2024 and was led by the Russian-speaking Black Basta gang. It targeted Rheinmatall’s civilian automotive unit and cost approximately $10.8 million US in recovery and lost sales. 

Daum warns industry to properly defend itself

Although the company’s military arm was reportedly isolated, the attack followed Rheinmetall’s announcement of a new tank factory in Ukraine. And Daum said that fits a pattern of what they’ve been seeing.

“What we continuously see is these kinds of attacks from Russia and that increases whenever there is a statement: ‘We’re giving a budget to Ukraine,'” he said. “There is an immediate reaction [and] all of our firewalls are burning again.”

In March, the German Federal Public Prosecutor General (Generalbundesanwalt) announced that an unnamed Bavarian drone manufacturer was targeted in a major espionage operation that led to the arrest of two suspected spies. The accused — a Ukrainian man and a Romanian woman — collected secret information both online and on-site for Russian intelligence.

Separately, German intelligence (BfV) has warned of increased targeting of the military maintenance logistics provider HIL, which is critical for servicing vehicles like the Leopard tanks, many of which are used in Ukraine.

Daum said there are lessons for both German and Canadian industry.

“We urge the defence industry to take proper means to defend themselves, and [to take] immediate action [when an incident is discovered, so] that there is no interruption of their service.”

WATCH | Canadian military looks to drastically increase manpower:

Canada scrambling to staff its huge military buildup

Chief of the Defence Staff General Jennie Carignan tells CBC News she is close to presenting Ottawa with options on how to drastically increase the size of the military’s manpower amid government plans to spend billions on new aircraft and submarines.

In Canada, there have been published reports of defence contractors being targeted.

In 2023, The Canadian Press reported an attack on Black McDonald, a major engineering firm with numerous military base contracts. It was hit by a ransomware attack. Similarly Brookfield Global Relocation Services, which supports Canadian military and foreign service personnel, experienced a major data breach compromising sensitive personal information.

Daum said the general public has a role to play in cyber defence since even home computers can be hijacked and used remotely.

“I always say, the prime risk to cybersecurity is usually sitting 15 centimetres before the monitor,” he said.

Article source: https://www.cbc.ca/news/politics/cyber-attack-germany-canada-industry-9.7192058?cmp=rss