Germany on high alert over cyber attacks at election nears

SHOWS: BERLIN, GERMANY (REUTERS) – Germany is on high alert ahead of the Sept. 24 election, but government officials say they have not seen signs of any new cyber attacks or suspicious news leaks despite months of warnings about possible foreign meddling.

Germany’s BSI federal cyber protection agency said vote IT GmbH, maker of a widely used vote-tabulating software, was implementing a series of recommendations to boost security after software vulnerabilities were discovered by private researchers at the end of July.

The reports came after repeated warnings from Berlin that Russia could try to interfere in the election following a major cyber attack on the German parliament in 2015 that was linked to the APT 28 Russian hacker group.

French and U.S. officials also said Moscow sought to influence their recent votes. Moscow denies any effort to influence foreign elections.

“We saw a likely influence on the elections in America, we have seen attempts to influence the elections in France. Everything points towards this stemming from Russia. Therefore we can’t exclude the possibility of a similar attempt on the German elections,” Germany’s Interior Minister Thomas de Maiziere told a news conference in July.

Germans will vote on paper at polling stations or by mail in advance and the ballots will be counted and entered into a computer system, but news reports published earlier this month cited concerns about the vote collation software, particularly the lack of an authentication step when results are transmitted.

“This was a wake-up call for the German public,” said Tyson Barker, a fellow at the German arm of the U.S.-based Aspen Institute think tank. “Just because we’re doing this on paper doesn’t mean that from end to end there is protection throughout the process as far as tabulating results.”

Kevin Bocek, vice president of security strategy and threat intelligence at Venafi, a U.S.-based cyber security firm, told Reuters that hackers were growing increasingly more sophisticated, and over 70 percent now used encryption, which meant attacks often went undetected for many months.

He said it was not surprising that problems were found with vote IT’s software, given that it had been in use for so long.

“So I think governments around the world, political parties around the world are catching up to the vulnerabilities that are in system…unfortunately our adversaries know that and have capabilities then to influence elections so I think countries around the world are only catching up.”

Authorities have said that around 200 employees of the federal election office would be in Berlin and Wiesbaden on the day of the election to manage the vote process and deal with any crisis.

BSI (Federal Office for Information Security) said it would have a coordinating officer on site in Berlin, but many other employees would be on call in the event of any problems.