By William Wilkes
BERLIN -- A wave of attacks by Chinese hackers on Germany's
cutting-edge manufacturers is raising alarm in Berlin and prompting
the government to step in to defend the country's competitive
edge.
The small and midsize companies that make Germany an export
powerhouse have landed in the crosshairs of foreign hackers
attracted to the firms' valuable but often poorly protected
intellectual property, German intelligence officials warn.
Some 65% of German manufacturing and technology firms were hit
by cyberattacks in 2016, compared with 62% in the U.S. and 50% in
the U.K., according to insurer Hiscox Ltd. Germany's BfV domestic
intelligence agency estimates German firms lost EUR55 billion euros
($65.3 billion) to espionage, sabotage and data theft last year, up
from EUR51 billion in 2015.
Spooked by the losses, the German government is now moving to
shield companies from state-backed hackers and criminal gangs,
offering to pay to harden the defenses of Germany's most vulnerable
firms. Industry groups are also reaching out to members about the
threat.
"The German economy is the focus of industrial espionage,"
Hans-Georg Maassen, head of Germany's domestic intelligence agency,
said in July. "Attacks have increased over the last two years."
Two years ago, the U.S. and China signed an agreement not to
support hacking aimed at industrial espionage. But despite
high-level talks, German officials have yet to secure a similar
deal. The G-20, which includes China and Germany, announced a pact
against commercial cyberespionage in 2015.
In June 2016, a delegation led by German Chancellor Angela
Merkel flew to Beijing for talks on the matter. While Chinese
officials led by Premier Li Keqiang told Ms. Merkel that Beijing
would protect German firms' intellectual property in China, they
didn't agree to stop hacking.
As Chinese attacks on U.S. companies have eased, Germany has
become a bigger target, according to Nigel Inkster, senior adviser
to the International Institute for Strategic Studies in London.
In a faxed statement, China's Ministry of Foreign Affairs said
it was unaware of the German allegations but reiterated Beijing's
official position that it "resolutely opposes" cyberhacking in
every form.
"If the relevant parties have definitive evidence of hacking
attacks, they can provide it to the Chinese side and we will handle
it according to the law," the statement said. It added that,
"baseless accusations and speculation are not only unprofessional,
they also do nothing to solve the problem."
German firms lead the world in advanced-manufacturing patents,
with 3,917 filed last year versus 1,410 by U.S. and 860 by Japanese
companies, according to the World Intellectual Property
Organization. The world's third-largest exporter spends 2.9% of
gross domestic product on research and development, a higher
percentage than the U.S. and the U.K do, according to the most
recent figures from the Organization for Economic Cooperation and
Development.
Large multinationals can afford to protect their property. Not
so the more than 3.5 million small and midsize businesses -- known
collectively as the Mittelstand -- that produce more than half of
Germany's economic output and sell the tools, parts and components
that power factories around the world, experts say.
"The ignorance at smaller firms is extreme," Alexander Dörsam,
head of IT security at computer-security firm Antago GmbH said.
"The founders of the company are often its leaders. They are older
and don't understand the technology."
China has long fed its voracious appetite for German technology
via Chinese regulations and directives that force foreign investors
to share knowledge with local partners and by acquiring German
businesses. But China's spy agencies have also joined the hunt,
counterintelligence officials here say.
Deutsche Telekom AG, Germany's largest telecommunications
company, said it detected 30,150 cyberattacks from China so far in
this month, with Russia the second-largest source at 7,661
attacks.
Chinese state-backed hacking of Western companies is conducted
by the cyberwarfare units of the People's Liberation Army or
China's Ministry of State Security intelligence agency, according
to Western intelligence agencies and security firms.
Chinese companies used to be able to direct the PLA or MSS to
hack into Western competitors, according to James Lewis, director
of the Strategic Technologies Program at the Center for Strategic
and International Studies in Washington. After Beijing cracked down
on businesses using intelligence resources, companies can still put
in a request for a target to be hacked but no longer can assign
tasks to the teams directly, Mr. Lewis said.
Germany's domestic intelligence agency said in May it had
evidence the APT-10 Chinese hacker group -- also known as Menupass
Team and Stone Panda -- was behind a recent hacking campaign
against German high-tech firms.
APT-10 has been active since 2009 when it started hacking U.S.
military research institutions and companies, according to an April
report by BAE Systems PLC and consulting firm PWC in collaboration
with Britain's GCHQ intelligence agency. APT-10 has significant
financial and human resources and was active during Chinese working
hours, according to the report.
Intelligence officials in the South-German state of
Baden-Württemberg in March said hackers likely controlled by
Chinese intelligence had penetrated in 2016 the systems of a
Mittelstand manufacturer -- a leading manufacturer in its field --
injecting software to steal blueprints and other data.
Deepening economic ties between China and Germany makes Berlin
wary of confronting Beijing over the attacks, according to Nadège
Rolland, a senior China analyst at the National Bureau of Asian
Research in Washington. Exports to China, one of the
fastest-growing markets for German goods, hit $76 billion in
2016.
A spokesman for Germany's foreign ministry said Berlin often
raises the issues of cyberattacks and intellectual property with
Beijing.
Berlin offers to cover some of the cost of shielding Mittelstand
firms from cyberattacks. The economics ministry now pays for
consultants to visit smaller firms and plot countermeasures.
Some German Mittelstand firms have been reluctant to invest in
protection, the cost of which can exceed EUR100,000 a year for a
1,000-person firm, according to Armin Harbrecht of
computer-security company Aramido GmbH.
Almost 90% of Germany's Mittelstand firms have turnover of less
than EUR1 million, according to the KfW bank, making cyber
protection expensive.
Germany's chambers of commerce have sounded the alarm on hacking
too, organizing cybersecurity education seminars for companies.
German insurers have started offering coverage.
"Company leaders in Germany have slowly woken up," said Claudia
Philipp, cyberdefense expert at security firm Atarax GmbH.
Josh Chin contributed to this article.
Write to William Wilkes at william.wilkes@wsj.com
(END) Dow Jones Newswires
September 23, 2017 07:14 ET (11:14 GMT)
Copyright (c) 2017 Dow Jones & Company, Inc.