A computer security breach allowed access to information on the holding of at least 6,000 meetings of the German army on the videoconferencing platform Webex, the media reported on Saturday May 4 Zeit onlinetwo months after the leak of a confidential military meeting via the same tool.
In a search carried out by the news site, it was possible to access the title, date, time or name of the person inviting to important Bundeswehr meetings on Webex.
“More than 6,000 meetings could be found online”Write the Zeitsome of which were classified, for example with the subject of the long-range Taurus missiles claimed by Ukraine or “the digital battlefield”.
Low complexity computer architecture
In addition, the virtual meeting rooms, allocated to the 248,000 members of the Bundeswehr, were easily identifiable, thanks to a simple IT architecture, and were not protected by a password. Zeit online said to have found, among other things, the digital meeting room of Ingo Gerhartz, the head of the German air force.
The latter’s name was cited in March when a confidential conversation between high-ranking Bundeswehr officers was leaked. Ingo Gerhartz was among the service members who allegedly did not use the required login on Webex. The interception of this conversation by Russian intelligence services caused a scandal in Germany and embarrassed the country vis-à-vis its allies.
According to Zeit Online, the German army only became aware of the security breach following questions from journalists. The flaws themselves were brought to light by Netzbegrünung, an association of cyberactivists, explains the media.
Questioned by Agence France-Presse, a spokesperson for the Bundeswehr’s “cyberspace and information” command confirmed that the army’s Webex instance “presented a flaw” and once known, it was corrected “within 24 hours”. “It was not possible to participate in videoconferences without the knowledge of the participants or without authorization; no confidential content could therefore leave the conferences”assured this spokesperson.
According to Zeit onlinethe Webex instances of Chancellor Olaf Scholz, the Ministry of Finance or the Ministry of the Economy have the same defects and the media was able to connect on Saturday to the digital meeting rooms of Olaf Scholz and Robert Habeck, the vice-chancellor .
