a year? you mean not one security sysop looked at either the firewall appliances or the logs for a whole year, or notice or thought to mention anything unusual?
I think that says more about their security than Fancy Bears skill.
The German Interior ministry has confirmed that it has identified a serious attack against its servers, amidst reports that the culprits were the Russian APT28 – aka Fancy Bear – hacking group. On Wednesday local news site DPA International reported that the German government discovered a serious intrusion into its servers in …
Just because the attackee says it was "advanced, persistent" doesn't make it so. If no one was checking the fortress walls, how would they know if they were breached by a hammer or high tech equipment? We've seen/read about the mess of various unsecured servers in the civilian world, so why doesn't that apply to governments? IIRC, the US government has been hit due to similar "misconfigurations" and inadequate safeguards.
No, you misread that.
It was the 3v1l Rooskies...
They also spied on EU trade delegates to gain advantage in trade negotiations between the EU and the US and they were responsible for spying on Airbus and gave the information to Boeing.
Not to mention that it was actually the russians who were responsible for bombing North Vietnam with napalm and supporting Pinochet to oust Allende.
Those damn russians.
and its choice of targets suggest that Putin and his pals might have Fancy Bear dancing to their tune. .... Iain Thomson in San Francisco
Then again, they might not, and Fancy Bear APT28 may be just concerned and energised citizens deciding to help Putin and his pals in areas in which they have an outstanding and unrivalled expertise. And if they be spun as Renegade Rogue Non State Actors and Alienating Freelancers, then have we an altogether different reality to consider and a new effective politically adept force/raw core source.
No official resources communicated the actual assumption, that APT28 was caught red handed here.
And although it seems likely, so far no official findings were published, apart from a "we isolated the attack and have it under control".
And to all the Super Pros here:
Whoever attacked or infiltrated probably has put some effort and thought into his attack, so the attack stays under the radar. It's not like a Mr. Trump, who'd go in in broad daylight, waving his USB stick at the security guards and copies the entire internet on it.
Attack without being found out for as long as possible is what they specialised in. If it'd be that easy to find out you're leaking data - joints like APT28 wouldn't last that long... or the NSA, BND, MAD etc. etc.