Germany Warns of Russian Hackers Targeting Internet Routers

Mintesinot Nigussie

Germany’s domestic intelligence agency has issued a warning that Russian-linked hackers from the group APT28, also known as “Fancy Bear,” have exploited vulnerable TP-Link internet routers to spy on military, government and critical infrastructure networks.

The Federal Office for the Protection of the Constitution (BfV) said the alert was coordinated with the Federal Intelligence Service (BND) and the U.S. FBI. The group is widely believed to operate under Russia’s military intelligence service, the GRU.

Authorities said the hackers targeted thousands of routers worldwide, including about 30 in Germany, and in some cases successfully breached the devices, prompting operators to replace them.

The BfV noted that APT28 has previously attacked the German parliament (Bundestag), the SPD political party and the country’s air traffic control authorities, highlighting the group’s ongoing threat to sensitive networks.

Businesses and organisations using TP-Link routers or similar devices are urged to update firmware and strengthen cybersecurity measures immediately. The warning underscores the persistent cyber threats facing critical infrastructure across Europe.

German authorities are working closely with international partners to mitigate the risks posed by state-sponsored hacking groups.

The incident serves as a reminder of the importance of robust cybersecurity practices for both government and private sector networks in an increasingly complex threat environment.

Overall, Germany’s timely warning highlights the continued efforts of Russian-linked hackers to target critical infrastructure and the need for heightened vigilance across Europe.

Mintesinot Nigussie