German spooks deploy spyware against Afghan ministry?

Filed Under: Malware

Der SpiegelAn interesting news story broke this weekend in Germany.  According to reports in Der Spiegel, the BND - Germany's foreign intelligence service - used spyware to monitor the Ministry of Commerce and Industry in Afghanistan.

Confidential documents, passwords and email communications are said to have been compromised by German spies, and sent to the BND's headquarters in Pullach, Germany.

The news follows revelations last week that the BND had intercepted emails between Spiegel journalist Susanne Koelbl and Afghanistan's Commerce Minister Amin Farhang.

Understandably, a diplomatic row has erupted between the two countries as a result of these revelations.

BND logoOf course, there have been rumours and accusations of different countries spying on each other using malware in the past.

For instance, in September 2007, the Financial Times reported that the Chinese military were being blamed for a cyberattack which targeted a Pentagon computer system serving the office of US defense secretary Robert Gates. The newspaper reported that the People's Liberation Army (PLA) were being blamed for perpetrating the attempted hack. Media reports in The Guardian claimed that the British and German governments have also been subject to similar probes by hackers working for the PLA.

The fact is that spying has been going on between countries for thousands of years - whether it be for commerical or military advantage.  It would be dumb to think that nations would not take advantage of computers and the internet to assist them in their espionage activities, so we shouldn't be too surprised to read these reports coming from Germany and Kabul.

Sophos's position is that we detect all the spyware that we know about - regardless of who its author may be.  So, if this German-built spyware really does exist and it arrives in SophosLabs we will add detection of it regardless of whether it may be state-sponsored.  Indeed, perhaps with our proactive detection we may already be detecting it.

The advice for companies, organizations and governments alike is to keep their malware defenses up-to-date and ensure that proper security is in place to prevent intruders (be they cybercriminals or foreign government spies) from stealing information.

, , , ,

You might like

About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.