Hackers reportedly targeted the German parliament with new cyberattacks as recently as January. The malvertising campaign saw hackers use a compromised Israeli news site to redirect users to a malicious site. However, cyber defences incorporated after the parliament was hacked in 2015 reportedly helped officials thwart the cyberattack, according to the German cybersecurity watchdog.
According to the Federal Office for Information Security (BSI), unusual activity on the parliament's network was investigated earlier in the year. The hackers allegedly manipulated the website of the Jerusalem Post, redirecting those clicking on advertising run on the site to a malicious website, Reuters reported.
It remains unclear if the attack was specifically meant to target members of the parliament or any user with a German IP address, clicking on the ads. However, the malvertising campaign appears to have been identified after a sweep of the parliament's network.
At least 10 German lawmakers were reportedly affected by the attempted attack. The BSI said in a statement: "The technical analysis is complete. The website of the Jerusalem Post was manipulated and had been linked to a malicious third party site. BSI found no malware or infections as part of its analysis of the Bundestag networks."
The Jerusalem Post confirmed the details of the attack, clarifying that no malware originated from its site. The publisher also said that it was protected against such attacks in the future.
"The Jerusalem Post website was attacked in January by foreign hackers," the publisher said in a statement. "We immediately took action and together with Israeli cyber authorities successfully neutralised the threat."
According to security expert Graham Cluley, such spear-phishing attacks leveraging malicious ads are unusual but possible. He speculated that the hackers could have manipulated the Jerusalem Post site to serve up German language ads to visitors with German IP addresses. However, he claimed that it was unlikely that the attackers leveraged malvertising to target specific politicians.
The attack comes amid increasing concerns in Germany about election hacking and fears that Russia may be working to potentially interfere in the upcoming September elections, in efforts to destabilise the German government and democracy.
Officials recently claimed that Germany thwarted two separate cyberattacks in 2016, believed to have been launched by the Kremlin-linked hacker group Fancy Bear. However, according to sources familiar with the matter, the January attack did not appear to be linked to Fancy Bear.