Prepare for Crypto Miner Attack: Hundreds of Suspicious Packages on npm

State data: Federal Foreign Office relies on backup storage abroad

In addition to the Federal Ministry of the Interior, the Federal Foreign Office is also working on a strategy for cyber security. A corresponding action plan provides for additional backup servers for data from government agencies abroad in the event of emergencies, the editorial network Germany (RND) reports on the corresponding “IT alarm” by diplomats from Minister Annalena Baerbock’s (Greens) house. The Ukraine war and the flood disaster in the Ahr valley made the vulnerability of states in the data sector clear.

“Secure and reliable government IT in the event of physical or virtual threats can be guaranteed by providing IT infrastructure multiple times and independently of one another,” the RND quoted from the paper. The high-security data storage abroad must be protected under international law by a bilateral agreement with the country concerned. The Foreign Ministry points to Estonia as a model, which has set up a “data embassy” in Luxembourg since 2018, in which pension, tax, passport and register information, for example, is stored.

The Estonian government justified the step by saying that it would “better guarantee the normal functioning of a state in the event of a cyber attack, war or natural disasters”. Despite the location in another EU country, the corresponding data center is completely under our own control. Diplomatic immunity applies to all employees of the server system.

According to the report, the Federal Foreign Office has not yet brought any specific country into play for a comparable German data message. It is about creating a kind of “digital twin of government action” in order to strengthen Germany’s resilience. In addition, there is the plan to set up special data centers suitable for the protection of secrets for foreign IT, through which the entire communication of the federal government in other countries runs. These are “planned and their financing secured”.

In principle, according to the document for the Foreign Ministry, “Russia’s war of aggression in Ukraine, which violates international law, also marks a turning point for cyberspace as a theater of modern warfare and exposes our own vulnerability”. Regine Grienberger, Commissioner for Cyber ​​Security Policy at the Federal Foreign Office, had previously made a similar statement, referring to the wiper attacks on Viasat, for example. For the diplomats, cybersecurity must therefore be “at the core of national security”. There is an urgent need for action here.

In the spring, the Greens tried in vain to co-finance activities to strengthen cyber security from the 100 billion euro special fund for the Bundeswehr. According to the paper, the federal government must now quickly agree on the necessary provision of funds.

The Federal Foreign Office agrees with the call from the Ministry of the Interior to expand the Federal Office for Information Security (BSI) into the central office for IT security for the federal states and to change the Basic Law for this purpose. A federal authority on a “special legal responsibility to avert danger” is necessary “in order to be able to take action in the event of significant, complex cross-border cyber threat situations”.

The diplomats still see a need for clarification as to which authorities at federal level “should be responsible for cyber defense” and how parliamentary control could be carried out. So far, these questions have primarily played a role in “active cyber defence”, which is often equated with hackbacks. The traffic light coalition actually rejects such counterattacks. Interior Ministry Nancy Faeser (SPD) still wants to give the Federal Criminal Police Office (BKA) the authority to “redirect” an ongoing attack and shut down attack servers in a targeted manner. Overall, Faeser wants to spend around 13 billion euros more on cyber security by 2030.


To home page

Special issue "c't Energie-Tipps" now available Previous post Special issue “c’t Energie-Tipps” now available
Microsoft is discontinuing Windows Information Protection (WIP). Next post Microsoft is discontinuing Windows Information Protection (WIP).