Russian Espionage under the Radar: Emerging Threats to German Research Institutions
Russian intelligence units are tracking a specific network. - Intelligence Agencies in Russia Are Surveilling This Network
Welcome, pal! It's no secret that Russian intelligence services have been ramping up their game against various targets, and it looks like German research institutions with a focus on Eastern Europe are the latest on their hit list.
- *
"You bet your sweet bippy!" says Philipp Schmaedeke, chair of the Academic Network for Eastern Europe (Akno), to the German Press Agency. According to him, German scientists and their organizations are increasingly becoming the new prey of Russian intelligence services. This chilling development signals a shift from the historically spared exiled opposition figures and journalists, a scene set ablaze with break-ins and cyberattacks.
Akno, based in Berlin, has been supporting researchers from Russia, Belarus, and Ukraine for the past four years, and they've faced two cyberattacks, which were luckily thwarted. The network suspects a Russian intelligence service to be the mastermind behind these digital skirmishes, but they admit that it's a tough cookie to crack.
- *
Suspicion abounds when a stranger turning up repeatedly around the unannounced meetings Akno organizes doesn't belong to their network. The hunted scientists from Russia and Belarus sought refuge in Germany due to persecution, job bans, or similar reasons. The Ukraine researchers came over because of the war, while some from the Russian-occupied territories fled due to repression.
- *
In late March, a suspected cyberattack from Russia targeted the German Society for Eastern European Studies (DGO). The German authorities are investigating this incident, with the Federal Office for Information Security (BSI) and the Federal Office for the Protection of the Constitution taking the lead.
The DGO has been labeled as an "extremist organization" by Russian authorities, against which the Federal Foreign Office has protested. Akno has been designated as an "undesirable foreign organization" in Russia since December 2023, and all its activities there have been banned since then.
- *
The probe reveals that recent cyberattacks on Berlin-based research institutions focusing on Eastern Europe can be attributed to Russian state-backed hackers, mainly the APT29 group, also known as Cozy Bear, affiliated with Russia's Foreign Intelligence Service (SVR). These hacker groups aim to infiltrate email systems and manipulate democratic discourse in Germany.
Moreover, Germany's Interior Ministry has witnessed an unprecedented rise in sabotage and hybrid threats linked to Russian government operations. Ftor example, potential sabotage attacks involving explosives have been averted, with evidence pointing towards Russian intelligence, notably the GRU, orchestrating such actions.
- *
Due to the mass expulsion of Russian diplomats and spies from Germany, Russian services have been compelled to adapt. They've started recruiting local agents through blackmail and financial incentives, with some German citizens already caught spying for Russia, raking in juicy paychecks of around 400,000 euros per agent.
The Federal Office for the Protection of the Constitution (BfV) acknowledges that Russia is hell-bent on restoring its espionage capabilities within Germany despite Western countermeasures.
- *
In summary, a sophisticated and evolving Russian espionage campaign is looming large over German research institutions focused on Eastern Europe. German security agencies are stepping up their game to counter these threats, demonstrating vigilance and a strong determination to protect German democracy and security.
- Akno, the Academic Network for Eastern Europe based in Berlin, has faced two cyberattacks they suspect to be orchestrated by a Russian intelligence service.
- The German Society for Eastern European Studies (DGO) was targeted by a suspected cyberattack from Russia, with the Federal Office for Information Security (BSI) and the Federal Office for the Protection of the Constitution leading the investigation.
- The recent cyberattacks on Berlin-based research institutions focusing on Eastern Europe can be attributed to Russian state-backed hackers, such as the APT29 group, also known as Cozy Bear, affiliated with Russia's Foreign Intelligence Service (SVR).
- The Federal Office for the Protection of the Constitution (BfV) acknowledges that Russia is determined to restore its espionage capabilities within Germany despite Western countermeasures.
