BERLIN (Reuters) – The German government is scrambling to reply to a serious and growing threat of cyber attacks, however it lacks the legal framework to retaliate with cyber attacks of the own, top officials said on Monday.
Cyber security is often a major concern for Berlin being a Sept. 24 federal election approaches. German intelligence agencies said in December Russia was planning to use propaganda, cyber attacks along with method for destabilize German society prior to a vote.
"Cyber is just what keeps me up during the night time," Deputy Defense Minister Katrin Suder told reporters in a event hosted by the Federal Academy for Security Policy, a government training body. "This is simply not sci-fi anymore … It’s really a topic of immense and growing importance."
Suder said the German military was making progress with cyber command that starts operations on Wednesday, and power over cyber functions which had been scattered throughout the military had become more centralized.
She underscored the division of responsibilities between military as well as the Interior Ministry, which can be answerable for domestic cyber attacks, adding that your Bundeswehr itself would call police when it a break down major cyber attack.
Suder said the military would only retaliate right after a large-scale attack on Germany if parliament ordered it to. She rejected some lawmakers' concerns about insufficient oversight of the various governmental arms involved in cyber security.
"Existing laws apply, even during cyberspace," she said, noting that any offensive cyber measures stomach within military makes it necessary that had also been approved by parliament. "The guidelines are extremely clear therefore we observe them."
But Agnieszka Brugger, part of the pro-environment Greens who serves to the defense committee, said the ministry's decision to sanction offensive measures raised risks that have not been fully considered. The military should focus on defending their own weapons and pcs, she said.
Brugger also questioned that this new cyber command's work would intersect with that of the BND foreign intelligence service, the BSI cyber security agency along with bodies.
"We start to use just one parliamentary control body that’s the report on all operations. The prevailing fragmented legal authorities as well as the large numbers of actors trigger grave gaps responsible for all," she told Reuters. "Many legal questions are unclear."
Andreas Koenen, head with the cyber security directorate for the Interior Ministry, agreed, telling the conference that Berlin up to now lacks an ample legal reason for counter-attacks. New legislation was unlikely to generally be approved prior to a September elections, he explained.
"No agency is explicitly empowered to execute such measures," he said. "We don't have a very legal basis. We may find the technical capabilities together for the final."
Thomas Wriessnig, v . p . on the Federal Academy for Security Policy, said it was clear that more and more work was was required to organize a large-scale cyber attack.
"Clearly you can find deficits and a second must happen. We're not ready for a vast attack."