German officials say they are expecting Russia to try and influence its upcoming general election on 24 September. In a news conference on Tuesday (4 July), Interior Minister Thomas de Maiziere warned that confidential documents and data stolen from the German Parliament in a major cyberattack in 2015 may be leaked in the coming weeks in an effort to undermine democracy, lawmakers and members of the government. These files have not been published elsewhere.
Hans-Georg Maassen, the head of Germany's BfV intelligence agency, said it is not currently known what Russia could do.
However, he warned that Russia's intention may not be to favour one party over another, but to "damage trust in and the functioning of our democracy so our government should have domestic political difficulties and not be as free to act in its foreign policy as it is today".
De Maiziere pointed to the alleged Russian interference in the 2016 presidential election in the US and efforts to influence the election in France in May.
"As a result, it cannot be excluded — and we are preparing internally — that there will be a similar effort to influence the election in Germany," de Maiziere said.
According to the BfV's 339-page annual report released on Tuesday, Germany has been a target of spying and cyberattacks by foreign governments. Among the main countries spying on Germany are Russia, China and Iran, each for different reasons.
Detailing the wide range of security threats facing Germany, such as Islamist militancy and increasingly violent far-right extremism, the report noted that cyberattacks have become a growing threat over the past few years.
The targets include the Chancellery, the German military, its Foreign ministry and embassies as well as the Finance and Economics ministries.
"The consequences for our country range from weakened negotiating positions to high material costs and economic damage all the way to impairment of national sovereignty," the report read. It also warned that cyberattacks could lead to significant loss of data and set off delayed-action malware to manipulate and sabotage critical infrastructure.
Over the past few years, the notorious Russian-linked Sandworm malware has also targeted government sites, telecommunications firms, the Nato military alliance and utilities as well.
The BfV also cited a significant increase in propaganda, disinformation campaigns and internet trolls to sway public opinion via social media channels and Russian state media.
"It is assumed that Russian state agencies are trying to influence parties, politicians and public opinion, with a particular eye to the 2017 parliamentary election," it said. "Propaganda and disinformation activities that are pro-Russian and against German government policy have risen since 2014 — in parallel to the growing foreign policy problems (Crimean crisis, Syrian war) and the worsening economic situation in Russia."
The report and official remarks come just before the upcoming G20 summit in Hamburg, which Chancellor Merkel is hosting.
Last year, the BfV said it noticed a "striking increase" in spear-phishing attacks linked to Russian hacker group APT 28, also known as Fancy Bear or Strontrium — the same group accused of hacking the US Democratic National Committee in 2016 and the German Parliament in 2015.
The Kremlin has continued to vehemently deny any involvement in the cyberattacks and attempts to influence foreign elections.