Press
After a wiretapping scandal recently caused an uproar in the Bundeswehr, there is now a data leak. Thousands of conferences could be viewed.
Berlin – Embarrassing setback for Defense Minister Boris Pistorius: According to a media report, there was a huge security gap in the Bundeswehr. At least 6,000 links to video conferences with internal, sometimes confidential information were openly visible on the Internet. That’s what she reports Time on Saturday. According to the report, the vulnerability was discovered by a team at the club Net greening discovered. The data is now offline. The damage caused cannot yet be foreseen.
Over 6,000 Bundeswehr video conferences public: title, date and participants can be viewed
The incident affects the video conferencing tool Webex of the US group Cisco. It will used by the Bundeswehr for around 45,000 meetings per month. The platform is actually considered secure, and the Bundeswehr also conducts confidential discussions Webex.
However, a weak point was that the links to at least 6,000 video conferences could be guessed by counting up or down. “This meant you could see the title, time and who was inviting you to important meetings,” she writes Time.
Easily enter officers’ personal meeting rooms
For example, a meeting on April 25th dealt with the Taurus cruise missile. “At the end of May, classified information on the subject of the ‘digital battlefield’ will be discussed,” the weekly newspaper continues. Past meetings have not been deleted either. The oldest meeting found was from November 2023.
But the team of IT security experts also discovered another vulnerability. This made it easy to guess personal meeting rooms. They were “not even protected by a password or similar security measures,” the report said. “You could join the room with simple credentials like ‘Test’ as your name.”
The links were easy to combine because they were all based on the same principle. In this way, unauthorized persons could have easily taken part in confidential meetings of the Bundeswehr.
The personal meeting room of Ingo Gerhartz, Air Force inspector, was also found during the research. Gerhartz was part of the Taurus leak – he was one of the participants in the conversation published by the Russian media. The incident occurred in March, also via the platform Webex.
Taurus leak: connection between the two incidents?
The internal discussion was about whether the German federal government should deliver the Taurus cruise missile to Ukraine. It can be used over long distances and is considered one of the most modern missiles in the Air Force. In the explosive recording, high-ranking Bundeswehr officers talk about whether and how the Taurus cruise missile could be used in Ukraine. The incident led to numerous reactions, and there was also speculation about Putin’s role in the wiretapping scandal.
The Ministry of Defense had previously blamed an insecure telephone connection as the cause of the wiretapping scandal. However, the data leak that has now been discovered is loud Time to the question of whether Webex is the cause of the security gap. According to the Bundeswehr, there is no connection between the two incidents.
According to the Bundeswehr, only metadata of the video conference links could be viewed on the Internet, but not the content of the conversation. The vulnerabilities were immediately closed, the report says.
Webex security gap: Federal government also affected
And it’s not just the Bundeswehr that is affected by the major security gap. The federal government also uses Webex. As part of the research, the personal meeting rooms of Chancellor Olaf Scholz, Economics Minister Robert Habeck and Finance Minister Christian Lindner were also found and visited. “Olaf Scholz and Robert Habeck’s meeting rooms were still open on Saturday.”
#Bundeswehr #data #leak #thousands #confidential #meetings #visible