Submit your essay to the AI-Cybersecurity Essay Prize Competition by January 2, 2025.
The AI-Cybersecurity Essay Prize Competition
Read more
Main Logo Expert commentary on tech and security

Germany’s leaky operational security causes embarrassment and strategic harm

Stephan Blancke 21 March 2024
Share On:
Indignation is not a counterintelligence strategy against the German military's operational security lapses
Main Top Image
Image created with the assistance of Dall-E 2

In 2013, after Edward Snowden revealed the US National Security Agency (NSA) had intercepted the German head of government’s work phone, the then-chancellor Angela Merkel declared, “Wiretapping between friends is not an option!” 

At the time, a nervous Federal Chancellery instructed the foreign intelligence service Bundesnachrichtendienst (BND) to “immediately stop spying on EU and NATO partners.” Germany’s indignation was at least partly tempered by the discovery that the BND had also monitored allied friends. Now Germany is once again outraged that it has become the target of espionage. 

Wiretapping between foes is an option

Russia appears to have recorded a conversation between four high-ranking German military officers and made the almost 40-minute conversation public via Telegram on 1 March 2024. The discussion centred on a possible delivery of the Taurus cruise missile system to Ukraine, including technical issues such as installation and target programming. Russian propaganda particularly emphasises that the Germans discussed the possible destruction of the Crimean bridge. 

The leak has been politically explosive for at least three reasons. First, it has the German military confirming the presence of Western military personnel in Ukraine. Second, the speakers refute earlier public statements by Chancellor Olaf Scholz: German soldiers apparently do not need to be stationed in Ukraine for a Taurus deployment, but Ukraine’s military needs advice in advance. 

Third, and more broadly, Germany once again finds itself amid a political debate about espionage, a tool the country seems to enjoy deploying while refuting its use by any other state, friend or foe. And to top it off, the Germans are making themselves easy targets.

Since the initial Telegram post, even more classified details have been revealed. In a secret special meeting of the Defence Committee in Berlin on March 11, new security concerns about the Taurus delivery to Ukraine became known. Processing large data volumes requires specialised systems. These are few, and if they are sent to Ukraine with a Taurus delivery, they would be unavailable to the Bundeswehr. Treason charges have been filed against unknown persons for the leak.

Indignation at Putin’s hybrid game

On March 3, Defence Minister Boris Pistorius declared that the audio file being made public was “part of an information war that Putin is waging” and that it was “a hybrid attack aimed at disinformation.” Elsewhere, Pistorius said it was a “coincidence” and not a “targeted attack by a Russian spy”. He assumed it was a “chance hit”, a “game by Putin” to which he would not sacrifice “his best officers” by punishing them for the operational security lapse to avoid playing into Putin’s hands.  

These statements appear contradictory: A “hybrid attack for disinformation” would not be based on “coincidence.” On the contrary, a hybrid attack requires precise planning and coordination of all the techniques and actors involved. 

In this respect, a successfully executed hybrid operation can be seen as an insidious work of art that must always be reckoned with – especially in times of war. Surprise and indignation are, therefore, inappropriate. 

‘Best officers’ over best practices 

The involvement of Pistorius’ “best officers” indicates that the Russian intelligence services had given the operation some thought beforehand, assuming they were behind it. 

The four military officers have prominent profiles—ones likely to interest the Russian intelligence services. One is a well-known air force inspector, Ingo Gerhartz. Gerhartz was jointly responsible for the NATO “Air Defender” manoeuvre, which the Russians and their trolls fought through propaganda on social media and ultimately described as a sign of NATO’s “imperialist ambitions“. He is slated to lead the Allied Joint Forces Command in Brunssum, Netherlands, in 2025.

This makes Gerhartz a well-placed target for foreign espionage, adversarial or otherwise. Thanks to tips from apparently more effective partners, Germany has arrested numerous spies working for Russia. Therefore, it is within the realm of possibility that a spy sits within the Ministry of Defence and has access to the generals’ calendars.

The predecessors of today’s Russian intelligence services—foremost, the KGB—used every opportunity to get information. This included employing technical expertise and exploiting human error. Precise spying on potential targets was as much a part of this then as it is today. Then as now, the targets were spied on intensively in advance over a long period in order to know precisely where the target’s weak points were during an operation, when their appointments were, who they were going to meet, and so on. So there is also the possibility that the Russians knew in advance exactly when the Germans would talk about Taurus.

‘Social engineering’ is the modern phrase of what used to go into creating a dossier in the old times. In the past, officials talked their heads off at the bar and were spied on. Today, carefree officials use open Wifi networks to log in and divulge classified information. 

The leaked conversation shows this carelessness is a problem: one of the speakers explained that he would send the details of an official matter, which incidentally also became apparent during the conversation, to his colleague via WhatsApp, a platform with known security flaws. The operational security concerns remain similar, even if the exploitation techniques are different.

Caught in the Singapore sling 

One of the conversation’s participants had apparently logged into Webex communications via the Wifi of a hotel in Singapore. Many European military personnel were meeting at a conference in Singapore, leading the German Defence Minister to assume it was a “coincidental hit as part of a broad-based, scattered approach.”

This wide-net method is usually attributed to the Chinese intelligence services. China and Russia have moved closer together since the start of the war in Ukraine, so this possibility should be considered. Both states are known for brazen cyber operations, and members of their respective hacking communities appear on sanctions lists time and again. In this scenario, the Chinese, who are very active in Singapore, could have recorded this conversation and passed it on to the Russians. 

It is also possible that cyber criminals were the original source of the leak. Selling hacked sensitive data is a lucrative business on the dark web. Criminals have been selling all kinds of classified information from different regions of the world for years. Chinese intelligence services have repeatedly operated with Chinese organised crime and so-called patriotic hackers. 

Both countries benefit from discrediting the Western military alliance. Chancellor Scholz’s revelation that the British are on the ground in Ukraine has already angered the allies. The leaked Taurus conversation has now confirmed this ill-considered statement. A successful propaganda campaign with detrimental political ramifications for the West? Sounds like the outcome of skilful hybrid operations. 

Zeitenwende, intercepted

Germany’s poor operational security has also troubled its allies. With the leaked Taurus recording, Britain has had to deal with political fallout caused by an ally’s mishandled operational security. The French newspaper Le Monde describes the leak as “disastrous” for Germany’s international reputation. Its partners are right to complain, particularly when Germany’s shortcomings also affect their own interests. 

In view of this mishap, the German security authorities must once again ask themselves how and where they position themselves. The German Interior Minister Nancy Faeser on March 5 declared that “protective measures against espionage and disinformation have been increased”. She told various media outlets that “as an initial protective measure, the government has ramped up its counter-espionage measures by increasing the number of staff and technology”. 

Such a step would be welcome, but asking about the concrete figures is important. How can such a step be taken in a country where all changes within the bureaucracy often require years? Bureaucratic regulation, increased politicisation, and excessive legislation paralyse Germany’s intelligence community.In response to the Russian full-scale invasion of Ukraine in February 2022, Scholz promised a Zeitenwende, a changing of the times, in which the country would finally become a constructive and capable actor in European security. To achieve that, the country needs confident and robust intelligence services. It has a long way to go.

avatar
Stephan Blancke

Related

Featured image
Hooked On Trends
Re-thinking cybersecurity capacity building
James Barr / Sofia Liemann Escobar / Jessica McClearn / Phil Sheriff 18 June 2024
Read more arrow
Featured image
Hooked On Trends
Spyware are still having a ‘ball’ despite a decade of warnings
Runa Sandvik 28 November 2023
Read more arrow
Featured image
Hooked On Trends
Freelance cyber networks fuel North Korean nuclear ambitions
Chandana Seshadri 19 November 2024
Read more arrow

Terms and Conditions for the AI-Cybersecurity Essay Prize Competition

Introduction

The AI-Cybersecurity Essay Prize Competition (the “Competition”) is organized by the European Cyber Conflict Research Incubator (“ECCRI CIC”) in partnership with the Munich Security Conference (“MSC”). It is sponsored by Google (the “Sponsor”). By entering the Competition, participants agree to these Terms and Conditions (T&Cs).

Eligibility

The Competition is open to individuals worldwide who are experts in the fields of cybersecurity and artificial intelligence (“AI”). Participants must ensure that their participation complies with local laws and regulations.

Submission Guidelines

Essays must address the question: “How will Artificial Intelligence change cybersecurity, and what are the implications for Europe? Discuss potential strategies that policymakers can adopt to navigate these changes.”

Submissions must be original, unpublished works between 800-1200 words, excluding footnotes but including hyperlinks for references.

Essays must be submitted by 2 January 2025, 00:00 am CET., through the official submission portal provided by ECCRI CIC.

Only single-authored essays are accepted. Co-authored submissions will not be considered.

Participants are responsible for ensuring their submissions do not infringe upon the intellectual property rights of third parties.

Judging and Awards

Essays will be judged based on insightfulness, relevance, originality, clarity, and evidence by a review board comprising distinguished figures from academia, industry, and government.

The decision of the review board is final and binding in all matters related to the Competition.

Prizes are as follows: 1st Place: €10,000; Runner-Up: €5,000; 3rd Place: €2,500; 4th-5th Places: €1,000 each. The winner will also be invited to attend The Munich Security Conference

Intellectual Property Rights

The author retains ownership of the submitted essay.

By submitting the essay, the author grants ECCRI CIC exclusive, royalty-free rights to use, reproduce, publish, distribute, and display the essay for purposes related to the Competition, including but not limited to educational, promotional, and research-related activities.

The author represents, warrants, and agrees that no essay submitted as part of the essay prize competition violates or infringes upon the rights of any third party, including copyright, trademark, privacy, publicity, or other personal or proprietary rights, breaches, or conflicts with any obligation, such as a confidentiality obligation, or contains libellous, defamatory, or otherwise unlawful material.

The author agrees that the organizers can use your name (or your pseudonym) and an image of you in association with your essay for purposes of publicity, promotion and any other activity related to the exercise of its rights under these Terms.

The organizers may remove any essay-related content from its platforms at any time and without explanation.

The organizers may block contributions from particular email or IP addresses without notice or explanation.

The organizers may enable advertising on its platforms and associated social media accounts, including in connection with the display of your essay. The organizers may also use your Material to promote its products and services.

The organizers may, at its sole discretion, categorise Material, whether by means of ranking according to popularity or by any other criteria.

Data Protection

Personal information collected in connection with the Competition will be processed in accordance with Virtual Routes’ Privacy Policy. Participants agree to the collection, processing, and storage of their personal data for the purposes of the Competition.

Liability and Indemnity

ECCRI CIC, MSC, and the Sponsor will not be liable for any damages arising from participation in the Competition, except where prohibited by law.

Participants agree to indemnify ECCRI CIC, MSC, and the Sponsor against any claims, damages, or losses resulting from a breach of these T&Cs.

General Conditions

ECCRI CIC reserves the right to cancel, suspend, or modify the Competition or these T&Cs if fraud, technical failures, or any other factor beyond ECCRI CIC’s reasonable control impairs the integrity or proper functioning of the Competition, as determined by ECCRI CIC in its sole discretion.

Any attempt by any person to deliberately undermine the legitimate operation of the Competition may be a violation of criminal and civil law, and, should such an attempt be made, ECCRI CIC reserves the right to seek damages from any such person to the fullest extent permitted by law.

Governing Law

These Terms and Conditions are governed by the laws of the United Kingdom, without regard to its conflict of law principles. Any dispute arising out of or in connection with these Terms and Conditions, including any question regarding its existence, validity, or termination, shall be referred to and finally resolved by the courts of the United Kingdom. The participants agree to submit to the exclusive jurisdiction of the courts located in the United Kingdom for the resolution of all disputes arising from or related to these Terms and Conditions or the Competition.