Germany’s leaky operational security causes embarrassment and strategic harm

In 2013, after Edward Snowden revealed the US National Security Agency (NSA) had intercepted the German head of government’s work phone, the then-chancellor Angela Merkel declared, “Wiretapping between friends is not an option!” 

At the time, a nervous Federal Chancellery instructed the foreign intelligence service Bundesnachrichtendienst (BND) to “immediately stop spying on EU and NATO partners.” Germany’s indignation was at least partly tempered by the discovery that the BND had also monitored allied friends. Now Germany is once again outraged that it has become the target of espionage. 

Wiretapping between foes is an option

Russia appears to have recorded a conversation between four high-ranking German military officers and made the almost 40-minute conversation public via Telegram on 1 March 2024. The discussion centred on a possible delivery of the Taurus cruise missile system to Ukraine, including technical issues such as installation and target programming. Russian propaganda particularly emphasises that the Germans discussed the possible destruction of the Crimean bridge. 

The leak has been politically explosive for at least three reasons. First, it has the German military confirming the presence of Western military personnel in Ukraine. Second, the speakers refute earlier public statements by Chancellor Olaf Scholz: German soldiers apparently do not need to be stationed in Ukraine for a Taurus deployment, but Ukraine’s military needs advice in advance. 

Third, and more broadly, Germany once again finds itself amid a political debate about espionage, a tool the country seems to enjoy deploying while refuting its use by any other state, friend or foe. And to top it off, the Germans are making themselves easy targets.

Since the initial Telegram post, even more classified details have been revealed. In a secret special meeting of the Defence Committee in Berlin on March 11, new security concerns about the Taurus delivery to Ukraine became known. Processing large data volumes requires specialised systems. These are few, and if they are sent to Ukraine with a Taurus delivery, they would be unavailable to the Bundeswehr. Treason charges have been filed against unknown persons for the leak.

Indignation at Putin’s hybrid game

On March 3, Defence Minister Boris Pistorius declared that the audio file being made public was “part of an information war that Putin is waging” and that it was “a hybrid attack aimed at disinformation.” Elsewhere, Pistorius said it was a “coincidence” and not a “targeted attack by a Russian spy”. He assumed it was a “chance hit”, a “game by Putin” to which he would not sacrifice “his best officers” by punishing them for the operational security lapse to avoid playing into Putin’s hands.  

These statements appear contradictory: A “hybrid attack for disinformation” would not be based on “coincidence.” On the contrary, a hybrid attack requires precise planning and coordination of all the techniques and actors involved. 

In this respect, a successfully executed hybrid operation can be seen as an insidious work of art that must always be reckoned with – especially in times of war. Surprise and indignation are, therefore, inappropriate. 

‘Best officers’ over best practices 

The involvement of Pistorius’ “best officers” indicates that the Russian intelligence services had given the operation some thought beforehand, assuming they were behind it. 

The four military officers have prominent profiles—ones likely to interest the Russian intelligence services. One is a well-known air force inspector, Ingo Gerhartz. Gerhartz was jointly responsible for the NATO “Air Defender” manoeuvre, which the Russians and their trolls fought through propaganda on social media and ultimately described as a sign of NATO’s “imperialist ambitions“. He is slated to lead the Allied Joint Forces Command in Brunssum, Netherlands, in 2025.

This makes Gerhartz a well-placed target for foreign espionage, adversarial or otherwise. Thanks to tips from apparently more effective partners, Germany has arrested numerous spies working for Russia. Therefore, it is within the realm of possibility that a spy sits within the Ministry of Defence and has access to the generals’ calendars.

The predecessors of today’s Russian intelligence services—foremost, the KGB—used every opportunity to get information. This included employing technical expertise and exploiting human error. Precise spying on potential targets was as much a part of this then as it is today. Then as now, the targets were spied on intensively in advance over a long period in order to know precisely where the target’s weak points were during an operation, when their appointments were, who they were going to meet, and so on. So there is also the possibility that the Russians knew in advance exactly when the Germans would talk about Taurus.

‘Social engineering’ is the modern phrase of what used to go into creating a dossier in the old times. In the past, officials talked their heads off at the bar and were spied on. Today, carefree officials use open Wifi networks to log in and divulge classified information. 

The leaked conversation shows this carelessness is a problem: one of the speakers explained that he would send the details of an official matter, which incidentally also became apparent during the conversation, to his colleague via WhatsApp, a platform with known security flaws. The operational security concerns remain similar, even if the exploitation techniques are different.

Caught in the Singapore sling 

One of the conversation’s participants had apparently logged into Webex communications via the Wifi of a hotel in Singapore. Many European military personnel were meeting at a conference in Singapore, leading the German Defence Minister to assume it was a “coincidental hit as part of a broad-based, scattered approach.”

This wide-net method is usually attributed to the Chinese intelligence services. China and Russia have moved closer together since the start of the war in Ukraine, so this possibility should be considered. Both states are known for brazen cyber operations, and members of their respective hacking communities appear on sanctions lists time and again. In this scenario, the Chinese, who are very active in Singapore, could have recorded this conversation and passed it on to the Russians. 

It is also possible that cyber criminals were the original source of the leak. Selling hacked sensitive data is a lucrative business on the dark web. Criminals have been selling all kinds of classified information from different regions of the world for years. Chinese intelligence services have repeatedly operated with Chinese organised crime and so-called patriotic hackers. 

Both countries benefit from discrediting the Western military alliance. Chancellor Scholz’s revelation that the British are on the ground in Ukraine has already angered the allies. The leaked Taurus conversation has now confirmed this ill-considered statement. A successful propaganda campaign with detrimental political ramifications for the West? Sounds like the outcome of skilful hybrid operations. 

Zeitenwende, intercepted

Germany’s poor operational security has also troubled its allies. With the leaked Taurus recording, Britain has had to deal with political fallout caused by an ally’s mishandled operational security. The French newspaper Le Monde describes the leak as “disastrous” for Germany’s international reputation. Its partners are right to complain, particularly when Germany’s shortcomings also affect their own interests. 

In view of this mishap, the German security authorities must once again ask themselves how and where they position themselves. The German Interior Minister Nancy Faeser on March 5 declared that “protective measures against espionage and disinformation have been increased”. She told various media outlets that “as an initial protective measure, the government has ramped up its counter-espionage measures by increasing the number of staff and technology”. 

Such a step would be welcome, but asking about the concrete figures is important. How can such a step be taken in a country where all changes within the bureaucracy often require years? Bureaucratic regulation, increased politicisation, and excessive legislation paralyse Germany’s intelligence community.In response to the Russian full-scale invasion of Ukraine in February 2022, Scholz promised a Zeitenwende, a changing of the times, in which the country would finally become a constructive and capable actor in European security. To achieve that, the country needs confident and robust intelligence services. It has a long way to go.