Dismissal of the German cybersecurity chief: who is afraid of the big bad Russian?

It lasted eleven days.

Arne Schönbohm lost his post as director of the German Cybersecurity Agency on Tuesday, October 18.

Nancy Faeser, Minister of the Interior, decided that the political and media controversy over the alleged links between the boss of the powerful German Net policeman and a cybersecurity company close to Russian intelligence – revealed on October 7 – had lasted long enough.

"The necessary public confidence in the neutrality and impartiality of the president of the most important cybersecurity body in Germany has been shaken," said the German minister.

She put an end "with immediate effect" to the mandate of Arne Schönbohm.

The comic vs the "cybercops" 

A blow for German cyber defense in the tense context of the war in Ukraine and Russian activities in cyberspace.

Berlin already suspects Russian hackers of being behind the sabotage that paralyzed the rail network in northern Germany on Saturday, October 8.

But Arne Schönbohm knew he was doomed.

All because of a German comic.

The chronicle of the announced fall of the country's first cybercop begins, in fact, on the set of "Magazin Royale", a satirical program presented by comedian Jan Böhmermann on the public channel ZDF.

The presenter has put together a whole file against Arne Schönbohm.

He criticizes him, first of all, for never having cut ties with the Cyber-Sicherheitsrat Deutschland eV (CSRD, the German Cybersecurity Council), a think tank on computer security issues bringing together part of the ecosystem. companies in the sector.

Arne Schönbohm had participated in its creation ten years ago, then had officially moved away from it by becoming the boss of the German equivalent of the French Anssi (National Agency for the Security of Information Systems).

Except that, according to Jan Böhmermann, Arne Schönbohm continued to consult and attend the CSRD.

This in itself is a problem because this private organization acts as a lobby for professionals in the sector.

A company created by a former KGB

But it was not only for a possible conflict of interest that Arne Schönbohm was sacked.

The core of the problem is called Protelion, one of the members of the German Cybersecurity Council.

This company is suspected of having more than close ties with Moscow and, potentially, of serving as a Trojan horse for the Russian intelligence services in Germany.

Protelion has not always had this name.

Before the start of the war in Ukraine, this company was called Infotecs GmbH, and presented itself as the German subsidiary of the Russian group of the same name.

The Russian parent company has been on a US gray list of entities subject to trade restrictions since 2018.

Washington accuses him of having "facilitated the malicious activities" of Russian hackers.

Infotecs also has a history dating back to the infamous KGB.

Its founder, Andrey Chapchaev, worked for ten years for the powerful Russian spy agency.

A heritage that the group does not deny since, on its site, Infotecs highlights its collaboration with the FSB, the successor to the KGB.

So many elements that would justify staying away from this company, especially when you run a crucial organization for the computer security of your country.

And all the more so in the context of a hardening of diplomatic relations with Russia because of the war in Ukraine.

"It is certain that the geopolitical situation makes the question of Protelion's activity on German soil more delicate", admits Sven Herpig, specialist in cybersecurity policy issues for Stiftung Neue Verantwortung, a German think tank who works on the societal impacts of digital technology.

A scapegoat ?

Arne Schönbohm has been heavily criticized for not cutting all ties with the German Cybersecurity Council, which only decided to exclude Protelion from its membership after the ZDF revelations.

An additional pan for the CSRD, the director of this institution, Hans-Wilhelm Dünn, himself had ties to Moscow.

He was notably an international observer appointed on behalf of Moscow to oversee the integrity of the 2018 Russian presidential election.

A succession of elements which does not give a very flattering image of the CSRD.

But does this justify the dismissal of Arne Schönbohm, wonders the Süddeutsche Zeitung.

Because, in reality, "there is no evidence, at present, that he had any contact with Protelion", underlines Sven Herpig.

The main incriminating element put forward by the program "Magazin Royale" is the participation of the former boss of the German Cybersecurity Agency in the celebration of the tenth anniversary of the CSRD in September 2022. He even gave a speech there. , but "he had previously requested and obtained the approval of his supervisory ministry to be able to go there", specifies Sven Herpig.

For him, the dismissal of Arne Schönbohm is mainly due to the media frenzy around this affair.

"The current climate in Germany has surely accelerated the decision to send him back," he said.

Between the sabotage of the Nord Stream 1 gas pipeline and that of the rail network in northern Germany – two cases where the Russian track is privileged – the slightest beginning of a connection with Moscow may seem suspicious.

This does not mean that the Protelion case does not potentially pose a real national security problem.

Two of this company's engineers were suspected in 2019 of having developed encryption algorithms containing flaws making it easy to circumvent the supposed protection offered by these programs, the Motherboard site discovered at the time.

The real lesson of this whole affair for Sven Herpig is that "there has been a failure of the security agencies who have failed to put the pieces of the puzzle together themselves to alert earlier about the activities of this Russian company".

It took a comedian to get involved to break the case.

And the ministry's reaction would prove that the authorities "have the wrong priority", concludes this expert.

According to him, an investigation should be carried out as soon as possible to understand whether the software marketed by Protelion would present a real risk and to find out which German companies have used them.

The only concrete effect of the dismissal of the head of the Cybersecurity Agency is that "it weakens the reputation of the institution and of the German cyber defense".

And this, not at the best time in the face of the current Russian threat.

The summary of the

France 24 week invites you to come back to the news that marked the week

I subscribe

Take international news everywhere with you!

Download the France 24 app