A powerful cyber attack on Germany's government computer network was part of a worldwide campaign likely carried out by a Russian hacker group known as Snake, sources briefed on the incident said Friday.
Germany's chief federal prosecutor's office said it had launched a preliminary investigation into possible espionage related to the incident, which security sources said was first detected in December but may have begun much earlier.
Kremlin spokesman Dmitry Peskov on Friday dismissed the suggestion that Russian hackers were behind the cyber attack.
"We note with regret that any hacking attacks in the world are associated with Russian hackers but that each time they (the allegations) are made without any tangible proof," Peskov told a conference call with reporters.
Johannes Dimroth, a spokesman for the German interior ministry, said officials had "averted the acute dangers immediately after learning of the cyber attack, but declined to say if the attack was ongoing.
He told the regular government news conference the affected IVBB computer network was used to exchange documents labeled "for government use only," but not highly classified documents.
German media reported that the attackers installed malicious software on 17 computers, including one that belonged to a defense ministry official who was seconded at the time to the foreign ministry.
The report by the Sueddeutsche Zeitung newspaper and broadcasters NDR and WDR said a small amount of data had been copied, including some related to Russia.
It said the attack was targeted at Ukraine and other former Soviet republics, countries in South America, the Baltic states and Scandinavia.
Government spokesman Steffen Seibert said Germany's cyber protection agency and intelligence services were working to assess the attack, the latest assault aimed at Germany's political institutions and key individuals.
German media had initially reported the attack was launched by the Russian hacker group APT28, which Western governments and intelligence agencies have also blamed for a 2015 breach of the German lower house of parliament and the Democratic National Committee ahead of the 2016 U.S. election.
But sources familiar with the incident now say it involved malicious software known as Snake or Turla, that is has been linked to a Russian government agency of the same name.