In March and April hackers tried to infiltrate computers of think tanks associated with Germany’s top two political parties. A year earlier, scammers set up a fake server in Latvia to flood German lawmakers with phishing emails. And in 2015 criminals breached the network of the German Parliament, stealing 16 gigabytes of data. Although there’s no definitive proof, the attacks have been linked to Pawn Storm, a shadowy group with ties to Russian intelligence agencies—raising the possibility that the Kremlin might disrupt a September vote in which Chancellor Angela Merkel, Russian President Vladimir Putin’s strongest critic in Europe, is seeking a fourth term. “There’s increasing evidence of attempts to influence the election” by Russia, says Hans-Georg Maassen, head of BfV, Germany’s domestic intelligence agency. “We expect another jump in cyberattacks ahead of the vote.” While polls show Merkel is likely to defeat the left-leaning Social Democratic Party (SPD), the concern is that the Kremlin will try to strengthen the far-right Alternative for Germany and turn the estimated 2.5 million voters who speak Russian against her. “Cybersecurity is a top priority, and Chancellor Merkel is taking it very seriously,” says Arne Schönbohm, president of the BSI, the country’s top technology security agency.
To guard against mischief similar to what Russia instigated in the U.S. last year and may have sought to do in France this spring, the Germans are shoring up their defenses. Merkel’s Christian Democratic Union (CDU) is calling for a law that would allow the country to “hack back” and wipe out attacking servers. The BSI this year is hiring 180 people—from lawyers to coders—and will embed experts with the election watchdog to protect the vote. The agency has set up cybersecurity response teams to clean up after attacks and help infiltrated government agencies keep computer systems from collapsing. In May the BSI held talks with counterparts such as France’s online security agency to gather information on thwarting attacks like one that targeted the presidential campaign of Emmanuel Macron.
Germany’s education ministry is backing a new cybersecurity school where politicians and IT officials are taught to spot and react to hacking. In April the armed forces set up a cyberdefense unit that will soon employ 12,000 soldiers and 1,500 civilians. Their orders: protect critical infrastructure such as power plants and hospitals, as well as military networks—which have been targeted 820,000 times this year, according to the defense ministry. “Since late 2016 we’ve been identifying attacks on Chancellor Merkel, and we are anticipating quite a strong barrage” as the election approaches, says Maks Czuperski, head of the digital forensic research lab at the Atlantic Council in Washington.