Data about Bundeswehr online meetings, including secret ones, have been freely available on the Internet for months because of a security problem with the Webex video conferencing app.
Leaked online meetings of the German Bundeswehr
Die Zeit conducted an investigation and found a security gap in the Bundeswehr and the federal government: it was freely accessible to see who invited people to a video call and when, as well as the internal information of the call.
The publication writes that the Bundeswehr learned about this gap only through requests for their investigation. The video conferencing system is now disconnected from the Internet.
The Bundeswehr cannot rule out whether confidential information has been leaked to unauthorized parties due to the current gap.
The newspaper found information about six thousand conferences, but the number of meetings that outsiders could get information about could be much higher. However, there is no confirmation of the leak either.
The Webex video conferencing program, owned by the American Cisco, is considered particularly secure.
Die Zeit managed to gain access to the personal video conference offices of many Bundeswehr employees, including Lieutenant General Ingo Gerharts, the head of the German Air Force. However, these offices were not protected by passwords.
Russian secret services and access to meetings of the Bundeswehr
Webex was already mentioned in the scandal with the leak of the recording of an online meeting of the Bundeswehr regarding the Taurus missiles by the Russian media.
In early March, the editor-in-chief of the Russian propaganda channel RT, Margarita Simonyan, released an audio recording of a conversation between Bundeswehr officers in Telegram.
In the recording, officials discussed the use of Taurus missiles and the question of whether these cruise missiles could destroy the Crimean Bridge.
The German MOD acknowledged the leak of the conversation without commenting on the content. The leak was blamed on one of the participants joining the conversation from Singapore via an "unsecured data channel", meaning mobile or Wi-Fi.
