It is now the “task of the intelligence services to shed light on the dark areas of cyber space”, said President of the Federal Office for the Protection of the Constitution Dr. Maaßen at the Potsdam Conference for National Cyber Security , organized by the Hasso-Plattner Institute (HPI), on June 21. He identified energy technology, x-ray and nuclear technology, measurement technology and aerospace as the main targets of attacks from Russia, while attacks from China, Iran and Turkey have apparently targeted administration and politics, the military, armaments, aerospace, electrical technology, the steel and metal industry and high-tech.
The latest findings of the Office for the Protection of the Constitution have now been published in Cyber Letter No. 02/2018 . It focuses specifically on spear phishing attacks on German media companies and chemical weapons research, in other words on highly targeted, personal contact that provides the addressee with a German Word document, which in turn asks for macros to be enabled – with the result that a VBA script is launched that downloads malicious code and ultimately gains control at PowerShell level. The Office for the Protection of the Constitution has traced this wave of attacks to a group by the name of Sandworm, behind which intelligence organizations are suspected to be lurking; at Kapersky Labs, the same grouping has been given the name Olympic Destroyer . The suspected aim is “not only to gain access to data, but also to sabotage IT systems”.