BERLIN – The German intelligence agencies asked Bundestag, the lower house of German parliament, for right to hack back servers of the cyber-attackers and to destroy stolen data.
Hans-Georg Maassen, head of the BfV domestic intelligence agency, told the parliamentary oversight committee it would also make sense to “infect” foreign servers with software that would enable greater surveillance of any operations directed against German cyber targets, or to extract data, much as human agents are recruited for counter-espionage.
“In the real world, it would be like turning a foreign intelligence agent and getting them to work for us … Something like this should be possible in the cyber world too,” Maassen told the committee in its first public hearing.
“These are ‘hack back’ instruments, but they are below the threshold of destroying or incapacitating a foreign server,” Maassen said.
Germany’s BND foreign intelligence agency already has the expertise, but not the legal authority, to destroy foreign servers, its chief Bruno Kahl told the committee.
German officials have blamed APT28, a Russian hacker group linked to Moscow, for the May 2015 hack of, the Bundestag, and other cyber attacks aimed at political groups, individuals or institutions.