Why Germany Is Afraid of “Cyberbombs”

Written by Jason Simpkins
Posted September 6, 2018 at 8:00PM

China, Russia, and other countries have long targeted Germany with hacking efforts.

For example, Hans-Georg Maassen, head of the German intelligence agency BfV, says China is seeking to gain dominant positions in key tech sectors by stealing information from German companies. As in the United States, Chinese companies have also been investing in German firms.

This, Maassen says, is part of the country’s larger “Made in China 2025” drive.

“That is a political project in which the government is spending a lot of money, not just to invest, but to buy information for its own technical progress, or to gain a position in specific areas that will make it impossible for others to continue developments there,” he said.

In December, the BfV also warned about efforts by China to use fake LinkedIn accounts to recruit German business executives and researchers as spies.

But the cyberattacks Germany has suffered lately have been of a different, far more dangerous nature.

Maassen says the Germans believe Russia and China are planting “cyberbombs,” or malware that does nothing in the short term, but could later be detonated to shut down power networks or ISPs.

“In the case of China, Russia, we clearly see measures like espionage, but it could also be sabotage with the goal of attacking companies in Germany — infrastructure firms in the widest sense — at some future point,” Maassen said. “That is a scenario that we view with concern.”

U.S. officials are worried about the same thing.

For months now, there have been reports of Russian submarines tampering with the undersea cables that allow the global operation of the Internet.

And while Russian hackers are looking to influence the 2018 election, they’re also demonstrating their ability to disrupt the U.S. power grid.

The Department of Homeland Security says that Russia’s military intelligence agency has repeatedly infiltrated the control rooms of power plants across the United States. These efforts could enable it to take control of parts of the grid by remote control.

The DHS cited “hundreds of victims” of the attacks, far more than it had previously acknowledged.

Are they planting the same “cyberbombs” the Germans fear?

Probably.

After all, they’ve done this kind of thing before.

In December 2015, Russian hackers wrested control of Ukraine’s power grid, and cut off electricity at three different companies. Some 30 substations were switched off, and about 230,000 people were left without electricity for up to six hours.

Now, they’re looking to apply the same capabilities in America.

To gain access to the power plant computers and internal networks, the Russian hackers first attacked smaller, less secure companies — like ones that make parts for generators or sell software that power plant companies use.

They used “spear phishing” attacks to send malicious emails from hijacked accounts. And they altered websites that people in the energy industry regularly visit to collect logins and passwords.

Then they used those logins to set up local administrator accounts and installed malware in the networks. They even used code to cover their tracks.

And finally, they just sat there and watched as vital information came pouring in.

And that’s not all.

DHS says Russia used the exact same tactics to infiltrate airports, water plants, and manufacturers, too.

When the U.S. Treasury Department issued new sanctions against several Russian individuals and organizations on March 15, it specifically named these cyberattacks as one of the reasons for doing so.

Energy Secretary Rick Perry even told lawmakers at an appropriations hearing that these attacks are “literally happening hundreds of thousands of times a day.”

So at this point, it’s not even really a question.

Our adversaries — Russia, China, North Korea, Iran, and others — have the capability to affect the U.S. power grid and water supply.

They’ve already proven as much.

The cyberbombs are lying in wait. It’s just a matter of when they’re detonated, and how much damage they do.

That’s why I’ve been staunchly advocating cybersecurity stocks. (You can find my latest recommendation here.)

These companies are already raking in profits as more companies and individuals race to address the threat. But they’re really going to skyrocket when a cyberbomb goes off.

Fight on,

Jason Simpkins Signature

Jason Simpkins

follow basic@OCSimpkins on Twitter

Jason Simpkins is Assistant Managing Editor of the Outsider Club and Investment Director of The Wealth Warrior, a financial advisory focused on security companies and defense contractors. For more on Jason, check out his editor's page. 

*Follow Outsider Club on Facebook and Twitter.

Comments

Investing in Marijuana Without Getting Burned