In October 2017, German intelligence officials approached lawmakers and argued for greater legal authority to “hack back” in response to cyber attacks conducted by foreign nation states. The head of Germany’s domestic intelligence agency specifically advocated for the right to be able to destroy data stolen from German servers and relocated to foreign servers in order to mitigate the threat of its misuse. Additionally, the intelligence official expressed the necessity to be able to compromise foreign servers in order to bolster surveillance capabilities that would be leveraged against German cyber targets or extract specific data. Currently, Germany’s foreign intelligence agency does not have the legal to conduct such operations, although it is reputed to have the capability to do so.
Germany, like many other nations, has been a frequent victim of advanced persistent threat (APT) activity suspected of being conducted or directed by foreign governments. A 2017 government report by the domestic intelligence service revealed that Germany was a primary target of cyber spying operations suspected of being conducted by such foreign governments as China, Russia, and Turkey. According to the report, industrial espionage costs German industry billions of euros each year, with small- and medium-sized businesses often the biggest losers.
