The Cyber-soldiers of the German armed forces only work for the protection of their own networks and simulate a maximum of attacks – so the official line. Now it is clear: by 2015, the unit has cracked the network of a Afghan mobile phone operator, in the case of a kidnapped German, the movements of the kidnappers track. The operation was internally controversial and is not confirmed officially.
The Bundeswehr has, according to information from SPIEGEL ONLINE, as early as 2015, your Cyber-unit on the offensive. At that time, the experts of the unit of “Computer network operations” (CNO), hacked into the internal networks of an Afghan mobile phone operator, to gain information about the kidnapping of an aid worker in Afghanistan.
Until today, the Bundeswehr has always stressed, the strictly shielded troop of around 80 IT professionals games in the Tomburg barracks in Rhine river cyber attacks and counter-attacks only under laboratory conditions. A “start qualification had been” for attacks reached – but only offline.
In the fall of 2015, the Cyber-warrior operated on the other hand, in foreign and far-flung networks. Background a request of the crisis staff, worked on a complicated Hostage situation in Afghanistan. There was on 17. August, the development assistant, Kaethe B. in front of the Kabul office of the GIZ has been hijacked.
Weeks after that first discreet negotiations for the release of the Germans ran. Laboriously, the crisis staff had built over “middle men” contact with the kidnappers. This said, the German for ransom. In the crisis staff, however, there was uncertainty in whether the Criminal is to be trusted. Therefore, we wanted to know whether the kidnappers keep to the agreements for a Transfer of the hostage or not.
For the case of emergency, the Bundeswehr had already laid down in the special forces command (KSK) to Kabul. The elite soldiers are prepared in parallel to the discussions of the crisis unit access. The negotiations would have failed, it should free the KSK, the German development worker forcibly from the hands of kidnappers. Such missions are generally deemed to be highly risky.
The task for the cyber unit of the German armed forces was according to urgency: of the kidnappers phones, used mobile should the IT experts to find out as accurately as possible, whether they were there as you said with the hostage in Kabul and moved to the appointed time, a Drop in the Afghan capital or not.
The CNO unit found a solution: On the available on the Internet customer website of an Afghan mobile phone operator, you hacked into the System of the provider. Shortly thereafter, the soldiers could access the Geo-position data of the kidnappers phones. More or less live after you followed the movements of the Kidnapper.
Release after two months
For the negotiator, the motion profiles were crucial. At the end of the release, this was On the Morning of the 17. October, exactly two months after the kidnapping, handed over in Kabul, a middle man in the uninjured development worker at German soldiers.
The first cyber mission of the Bundeswehr is kept by the government secret till today. Shortly after the release of Käthe b. foreign state Secretary Markus Ederer had informed the Bundestag that “in support of the crisis team on the ground” soldiers of the German armed forces, including the KSK, and “experts”, were active. Of the cyber mission, however, Ederer wrote not a word.
The Federal Ministry of defence wanted to submit on request from SPIEGEL ONLINE, a year later, no comment. With the operations of the unit, CNO, according to a spokesman, would only inform the corresponding secret meeting of the committees such as the Parliamentary control Committee of the Bundestag, or the Chairpersons of the defense Committee.
Question of the ransom remains delicate
Among experts, the first hackers will not be counted-the Mission of the Bundeswehr as a cyber attack, as the soldiers did in the System of the mobile operator no damage, experts speak, therefore, rather of an “offensive Penetration”. Nevertheless, there was a discussion in the crisis team for a long time the use of experts, since the legal situation was unclear.
In hindsight, the government believes the use of hackers by the Afghanistan mandate for the Bundeswehr’s quite covered, since it allows all of the military means for the protection and the rescue of Germans in Afghanistan. Delicate remains that the development worker through the payment of ransom was set free, though the government insists officially that they are vulnerable to blackmail.
The case is likely to revive despite this, the discussion of cyber attacks, the Bundeswehr again. In April 2016, five months after the hostage crisis, had Minister Ursula von der Leyen announced the establishment of its own cyber commands. To attacks with any questions or to offensive operations, she showed, was very cautious – instead, they rather spoke from the protection of its own networks against cyber attacks.
By Matthias Gebauer
Source: spiegel.de (in German)