Germany’s foreign ministry on Thursday summoned the Russian ambassador over a 2015 cyberattack on the German parliament, saying that Berlin would press for sanctions against those responsible for the hack.
The move came about two weeks after Chancellor Angela Merkel told parliamentarians that she had “hard evidence” that Russia was responsible for an “outrageous” cyberattack on the Bundestag in the spring of 2015, which reportedly caused the theft of more than 16 gigabytes of data, including confidential emails from lawmakers.
A foreign ministry spokesperson said that Russian citizen Dmitry Badin is “strongly suspected of being responsible for the hacking attack,” adding that “there are strong indications that he was a member of the GRU military intelligence service at the time of the attack.”
The German federal prosecutor issued an arrest warrant against Badin earlier this month.
According to the spokesperson, the foreign ministry had summoned Russia’s ambassador to Germany, Sergej Netschajew, to inform him that Berlin would raise the issue at EU level to seek Europe-wide sanctions targeted at Badin and others responsible for the attacks.
EU countries last year agreed on a regime that allows the bloc to slap sanctions on cyber attackers, including travel bans and asset freezes. It’s part of a broader use of diplomatic tools to deter cyberattacks on EU countries.
So far, the EU has not disclosed any sanctions linked to cyberattacks. The German suggestion would be the first of its kind.
“This would be unprecedented for the EU cyber sanction tool,” said Lukasz Olejnik, a cybersecurity researcher and consultant. “We would see an interesting test of the [EU’s package of measures to deter cyberattacks], specifically on consensus finding,” he said. EU member countries need to agree on sanctions unanimously.
National cybersecurity experts are scheduled to meet in Brussels next Wednesday, in the first meeting that could take place physically since the start of lockdown measures in Europe.