- Over the past few years, Germany has started to take the threat posed by Russia more seriously
- Germany actively tries to boost its cyber defence and promote cyber security internationally
- However, by downplaying the Russian threat on many fields, Berlin has a rather ambivalent stance towards Moscow
- The approval of Nord Stream two by German authorities illustrates that the Kremlin has successfully managed to co-opt the majority of Berlin’s political establishment for its energy game
Relations with the Russian Federation
Description: The awakened. These countries have significantly shifted their policies and concerns following Russian aggression in Ukraine.
Though traditionally more skeptical about the threat posed by Russia than its eastern neighbours, Germany was a proponent of tough EU measures against Russia in the aftermath of the annexation of Crimea and its invasion of the Donbass. Germany has witnessed a significant deterioration in relations with Russia in recent years, intensified by Russian attempts to spread fake news, launch cyberattacks against the Bundestag’s IT systems, and influence the country’s internal political affairs (e.g., by backing populist parties, other pro-Russian groups through its network of contacts, and by founding own organisations). These hostile efforts are exemplified by the “Lisa case”, in which a fake news story about the alleged raped of a 13-year-old Russian-German girl by migrants spread on Russian media websites in order to portray Germany and Angela Merkel as incapable of protecting its own (and Russian) citizens. According to latest public opinion polls, however, only 28% of German citizens trust Russia as a national partner, while 67% say that Russia cannot be trusted.
Russia remains Germany’s largest energy supplier, even though Germany was one of the first countries to advocate for better energy security during Russia’s natural gas disputes with Ukraine over the last decade. However, this effort has ended after German authorities under the newly formed grand coalition have given their final approval for building the Nord Stream 2 pipeline. These are worrisome developments that put not only European energy security at risk, but also have the potential to drive a wedge between European countries on a political level.
Political acknowledgement of the threat
Overall, following the “Lisa case” and Russian hacking of the German Parliament’s computer networks – stealing more than 16 gigabytes of data – the topic of Russia’s influence operations is gaining more attention both within the state administration and in the media. The 2016 White Paper on German Security Policy and the Future of the Bundeswehr considers cyber risks to be a major security threat and recognises that “the cyber and information domain has become an area of international and strategic importance that has practically no limits.” In November 2016, the federal government approved the State of IT Security in the Germany 2016 report created by the BSI. This document provides a detailed analysis of the current situation in Germany, serves as a framework for interdepartmental cooperation in the field of cybersecurity, and foresees 30 strategic goals and measures for improvement in this area.
At the same time, German authorities play a rather ambivalent role. This is particularly true when looking at German-Russian bilateral energy relations. As journalists from the German newspaper Die Welt have found out, the German government (CDU/CSU and SPD) has been pushing for the Nord Stream 2 pipeline project behind closed doors. According to the article, more than 60 gatherings took place between Angela Merkel’s government and the companies building Nord Stream 2. Under the new formed grand coalition, Nord Stream 2 has been approved by German authorities.
Furthermore, the Kremlin takes influence on German youth associations under the pretext of dialogue. The DRJUG e.V., a German-Russian youth association which also include young Polish people and Ukrainians, was, among others, sponsored by Kremlin-foundations “Russkij Mir” and “Gortschakow” in cooperation with the German Federal Foreign Office. Although a German diplomat expressed reservations over the purpose of the forum as a platform for Russian propaganda during a speech in 2016 in Kiev, the Federal Foreign Office has been a project partner both in 2016 and 2017. The speech at the Trilateral Youth Forum “Germany, Russia, Ukraine: A Common Future?” was removed from the YouTube channel of the Ukraine Media Crisis Center after diplomatic pressure.
Government activities against Russian influence & disinformation
In 2011, the Federal Ministry of the Interior published its Cyber Security Strategy for Germany, which, among other things, called for establishing the National Cyber Response Centre and the National Cyber Security Council. Both of these institutions started functioning the same year. Nevertheless, it is worth mentioning that their inception cannot be traced back to a perceived Russian threat. Only after a series of cyber-attacks on German critical infrastructure, as well as propaganda and disinformation efforts, have the camps begun to take the issue of Russian influence more serious. In 2017, the Bundeswehr (German military) launched the new Cyber and Information Space Command (CIR), which will have its own independent organisational structure, thus becoming the sixth branch of the German military. The Bundeswehr now sees itself “at the international forefront” regarding cyber warfare and plans to bring 13,500 German soldiers and civilian contractors currently dealing with cyber defence from a number of different locations under the CIR’s roof.
In September 2017, the German Interior Ministry opened a new cybersecurity agency in Munich. The new ‘central office for information technology in the security sphere’ (ZITiS) is to be financed with some 10 million euros ($12 million) in the first year alone, with 120 positions created immediately. The German government has announced the expansion of that workforce to 400 employees by 2022. ZITiS is part of a centralised attempt to tackle cybercrime and digital espionage.
At the end of June 2017, Germany passed a controversial law aimed to combat the spread of fake news and hate speech on the internet. Under the new legislation, which amounts to the boldest step yet by a major Western nation to control social media content, social networks like Facebook and Twitter have 24 hours to remove fake news that incites hate and other “criminal” content or face fines as high as 50 million euros.
Germany is a sponsoring nation of NATO STRATCOM COE and participates in the Finnish COE on Countering Hybrid Threats; however, it does not have a seconded national expert in the EEAS East STRATCOM team. The country is aware of the need for international cooperation on this front, which it often emphasises in its policy documents, together with its responsibility to take an active role.
The approach of intelligence agencies to Russian interference
According to the 2015 Annual Report on the Protection of the Constitution by the German Ministry of the Interior, Germany sees Russia as one of the major players behind espionage activities and cyber-attacks directed against Germany. However, a year-long investigation conducted by German intelligence, ordered by Angela Merkel in the aftermath of the “Lisa case”, failed to uncover Kremlin-backed meddling into German politics. The intelligence report nevertheless stressed that Russia has been on a ‘confrontational path’ against Germany since 2014, that its media is ‘hostile’, and that German intelligence authorities are well aware of the threat posed by Russia especially in connection with the 2017 federal elections. “We have evidence that cyber-attacks are taking place that have no purpose other than to elicit political uncertainty. […] We have indications that [the attacks] come from the Russian region,” said Bruno Kahl, president of the Federal Intelligence Service (Bundesnachrichtendienst). Hans-Georg Maaßen, president of the domestic BfV intelligence agency, said in an interview that cyberspace had become “a place of hybrid warfare” in which Russia was a key player.
Activities of the non-governmental sector
There are no known organisations or institutions in Germany devoting their activity solely to disinformation campaigns; however, many institutions engage in this topic within the broader scope of their activities. These include the German Council on Foreign Relations (Deutsche Gesellschaft für Außenpolitik), whose main subject of interest is security policy and Russia; the German Institute for International and Security Affairs (Stiftung Wissenschaft und Politik, SWP), which focuses mostly on security and the region of Eastern Europe; and the Center for Applied Policy Research (Centrum für angewandte Politikforschung, CAP) at the University of Munich. All of these, however, lack particular focus on the issue of disinformation, propaganda, or cyber.
Education in Germany is directed individually by the federal states, but the Federal Agency for Civic Education (Bundeszentrale für politische Bildung, BPB) serves as an umbrella authority. Also important are the Mediale Pfade – Agency for Media Education, which develops new paths of learning and participation using media and focuses on political education, and the Initiative D21, which main objective is accelerating the transformation of Germany into a digital information society.
There are also some media outlets in Germany that have started investigating the issue of fake news (e.g., Die Zeit, ARD main news, tagesschau.de which is responsible for the anti-fake news portal Faktenfinder) and some independent fact checkers as well: for example, Correctiv is a team of German fact-checkers who work for Facebook but do not accept money from it because they want to retain total editorial independence. Their work consists mostly of monitoring suspicious stories.
To bring the United States and Germany (and by extension the European Union) closer together on cyber policy issues and to re-establish a common transatlantic framework for cyber policy, the German Think Tank Stiftung Neue Verantwortung (SNV) has established the Transatlantic Cyber Forum with the financial support of the Robert Bosch Stiftung and the William and Flora Hewlett Foundation ($229,000 in total). TCF is an intersectional network of experts from civil society, academia, the private sector and government working in various areas of transatlantic cybersecurity and cyber defence policy. Among other things, the forum aims to identify areas of common understanding and to focus on the full set of digital security/foreign policy issues and the identification of the nature of their relationships. Furthermore, the Stiftung Neue Verantwortung is running the project “Measuring Fake News” which is also supported by the William and Flora Hewlett Foundation ($100,000).
More than 400 researchers in Darmstadt are working at the Center for Research in Security and Privacy (CRISP) on key research topics in cybersecurity. CRISP is comprised of several partner institutions, including the Technical University of Darmstadt, the Darmstadt University of Applied Sciences, and the Fraunhofer Institutes for Secure Information Technology. This partnership represents the largest alliance of research institutes in the area of cybersecurity within Europe. CRISP is funded by the German Federal Ministry of Education and Research (BMBF) and the Hessian Ministry for Science and the Arts (HMWK).
 “How do European democracies react to Russian aggression”. European Values. 22 April 2017. Available at: http://www.europeanvalues.net/russia/
 “White Paper on German Security Policy and the Future of the Bundeswher”. German Federal Government, Germany. 2016. Available at: http://www.gmfus.org/publications/white-paper-german-security-policy-and-future-bundeswehr
 “The State of IT Security in Germany”. German Federal Office for Information Security. 2016. Available at: https://www.bsi.bund.de/EN/Publications/SecuritySituation/SecuritySituation_node.html
 Schweppe, C. & Arab, A. (2017) “Brisante Nähe”. Die Welt. 15 December 2017. https://www.welt.de/politik/deutschland/article171601464/Brisante-Naehe.html
 Röpcke, J. “AA-Mitarbeiter warnte schon 2016 vor ‚Propaganda‘”. Bild. 26 January 2018. http://www.bild.de/politik/ausland/isis/drjug-auswaertiges-amt-54558620.bild.html
 Nina Werkhäuser: “German army launches new cyber command”. Deutsche Welle. 1 April 2017. Available at: http://www.dw.com/en/german-army-launches-new-cyber-command/a-38246517
 Knight, B. (2017). “ Hacking for the government: Germany opens ZITiS cyber surveillance agency”. 14 September 2017. http://www.dw.com/en/hacking-for-the-government-germany-opens-zitis-cyber-surveillance-agency/a-40511027
 Carla Bleiker, Kate Brady: “Bundestag passes law to fine social media companies for not deleting hate speech”. Deutsche Welle. 30 June 2017. Available at: http://www.dw.com/en/bundestag-passes-law-to-fine-social-media-companies-for-not-deleting-hate-speech/a-39486694
 “2015 Annual report on the Protection of the Constitution”. German Federal Ministry of the Interior. 2016. Available at: https://www.verfassungsschutz.de/embed/annual-report-2015-summary.pdf
 Esther King: “German intelligence find no evidence of Russian meddling”. Politico. 7 February 2017. Available at: http://www.politico.eu/article/german-intelligence-finds-no-evidence-of-russian-meddling/
 Kate Connolly: “German spy chief says Russian hackers could disrupt elections”. The Guardian https://www.theguardian.com/world/2016/nov/29/german-spy-chief-russian-hackers-could-disrupt-elections-bruno-kahl-cyber-attacks
 Amol Rajan: “Germany leads fightback against fake news”. BBC. 16 February 2017. Available at: http://www.bbc.com/news/entertainment-arts-38991973