Authorities in Germany believe a 20-year-old man from the Hesse province is responsible for the latest hacking attacks against high-ranking politicians and other prominent Germans in the past weeks. The suspect was interrogated and allowed to go home after he confessed.
During a hastily organized press conference, Germany’s Minister of the Interior, Horst Seehofer, congratulated the authorities which were part of the successful investigations carried out since the story broke. Holger Münch, the head of the Federal Criminal Police Office (BKA), which is the German equivalent of the F.B.I., was there as well, along with his colleague Arne Schönbohm from the Federal Office for Information Security (BSI).
Münch said 45 investigators had managed to find the suspect within 48 hours. According to available insights, the hacker did not use any hacking software, but “used other methods” in order to bypass passwords.
The authorities in charge of the investigation believe the alleged offender is not part of radical right-wing groups. But Münch stated the young man was known for a similar act he had been responsible for, before the latest hacking drama.
“Discontent about public quotes by politicians, journalists and other prominent people” was the hacker’s motive for his action, according to the BKA. In spite of this information, Münch said he did not believe in a “dominant political motive”.
Seehofer’s ministry now wants to establish an anti-hacking division and improve the authorities’ reaction to cases of this kind.
During the press conference in Berlin, Horst Seehofer talked about details of the investigation. As it turns out someone at the office of Labour Minister Andrea Nahles, who is also the chairlady of the Social Democratic Party (SPD) called the BKA on Friday, January 4th, 2019, after a data breach was detected. The call was placed at 10:40 p.m..
It looks like it took the BKA less than two hours to contact the BSI, which is in charge when it comes to the technical aspects of large-scale hacking cases. Another hour later that authority started securing files and assessing the situation.
At 3:48 a.m. on Saturday, more authorities were informed about the breach. At 6:50 a.m., interior minister Seehofer was told about it. Later that morning Twitter was asked to delete two accounts used by the alleged culprit. They were ‘g0d’ and ‘0rbit’. Via the latter account, the suspect had released personal data of politicians and other celebrities.
Then, at 10:35 a.m. on Saturday, the parties affected were informed about the large-scale data theft. Shortly after 11:00 a.m., Twitter actually deleted the accounts.
On Sunday, the suspect was identified after the authorities received calls with information leading towards him, and after interrogating several individuals. Then, finally, on Sunday night the hacker was arrested and his apartment searched.
At this stage it looks like more than 1000 politicians and celebrities were affected by the theft of data and their publication. In about 60 cases, credit card numbers, photos and communication files were stolen and uploaded to Twitter. In most cases, mainly phone numbers, postal addresses and e-mail addresses were stolen.
Among Bundestag MPs, most of the data theft victims were members of Chancellor Angela Merkel’s conservative party CDU, 204 of them, while 90 were social democrats (SPD), 26 liberals (FDP), 47 left-wingers (Die Linke) and 31 greens (Bündnis 90/Die Grünen). Members of the radical right-wing AfD were not affected.
On Monday, there had been a lot of speculation regarding the hacking incident. German media were asking themselves aloud whether the culprits had to be searched in the right-wing spectrum or possibly abroad.