Hackers from Russia are increasingly threatening cyber security in Germany. The accusation that the BSI boss maintains contacts with Russia through an association therefore weighs heavily. The Ministry of the Interior distances itself from Schönbohm – although it is said to have known about the allegations.

It is not yet clear whether Arne Schönbohm will have to give up his position as chief cyber security officer. But things are not looking good for him. After the allegation made by Jan Böhmermann on ZDF that he was in contact with the Russian news service KGB through an association, he apparently lost the confidence of Federal Minister of the Interior Nancy Faeser: The joint appearance by Faeser and Schönbohm, which had been planned for weeks, to present the annual BSI annual report was canceled without further ado.

The topic of cyber security has recently become more and more of a problem child in Germany. Cybercrime has been a problem in Germany for years, with digital attacks on official government bodies, the judiciary and the health system occurring again and again. Since the war of aggression in Ukraine, the topic has once again come into focus as Russian hackers are increasingly attacking Germany’s infrastructure. The allegations against the BMI boss, who is said to be responsible for cyber security in Germany, are therefore more explosive and relevant than ever before.

But what is behind the allegations? Schönbohm is accused of maintaining contact with an association called “Cyber ??Security Council Germany,” which he helped found ten years ago. Based on the name, one might think that an official security council of the federal government is meant. In fact, however, there is an association behind it that is in no way active on behalf of the federal government. The full name is therefore also “Cyber-Sicherheitsrat Deutschland e.V.”, which is often forgotten, as Böhmermann said on his program on Friday.

Instead, the association is more of a contact platform to which many different large companies belong, but also federal ministries, explains Michael Götschenberg, an expert on intelligence and internal security at rbb. For him – and also for the Federal Ministry of the Interior – the allegations are not new: he researched the case several years ago for the format “ARD Kontraste”. The problem is not so much the club itself, but the company Protelion GmbH, which according to its own statements takes care of cyber security gaps in various areas. As an example, Böhmermann cited hacker attacks from Russia that could paralyze German wind turbines or cause machines in hospitals to fail.

This is where it gets interesting: Until the end of March this year, Protelion was still called Infotecs GmbH, a subsidiary of the Russian cybersecurity company O.A.O. Infotecs. After the outbreak of war in the Ukraine, the company was abruptly renamed Protelion. The reason: According to information from the research network Policy Network Analytics, Infotects GmbH was founded by a former employee of the Russian intelligence service KGB. He was even awarded a medal of honor by Russian President Vladimir Putin for his work in cyber security.

Schönbohm was well aware of this fact. Despite this, he did not cut ties with the association as BMI President, although Protelion was still a member of the “Cyber ??Security Council”. The qualified business economist, son of the former Brandenburg CDU interior minister Jörg Schönbohm, was appointed by the then CDU interior minister Thomas de Maizière and even then his previous association work had been met with criticism. The club has been in the sights of the security authorities for a long time because of Protelion, says expert Götschenberg.

Nevertheless, Schönbohm was allowed to keep his BMI chairmanship and maintain close contact with the association to the end and even gave a speech on its tenth anniversary in September. For the latter, however, Schönbohm had obtained permission from the Ministry of the Interior. “Nevertheless, he is now being recalled, probably because the media is now also a bit driven after the publication in ‘Magazine Royal’,” speculates Götschenberg.

The fact that Faeser didn’t relieve Schönbohm of his office sooner could therefore fall on her toes. “The allegations have not changed for years,” says Götschenberg. So you have to be a bit surprised that he should now suddenly be recalled. At the same time, the BMI is currently playing an important role in the fight against cybercrime from Russia and should therefore not be weakened by a “shot president,” said Götschenberg. This is probably why Faeser is driving the change at the top.

Experts in the USA also reported months ago on Protelion’s connections to Russia. In January, “Forensic News” formulated reservations about Infotecs in the USA, ie at a time when Protelion was still operating under the Infotecs name in Germany. After the company was renamed, the specialist portal “Intelligence Online” pointed out the problematic cross-connections to Russia.

A spokeswoman for the Federal Ministry of the Interior argued on Monday that all IT security-related products for the federal administrations and ministries must be approved by the BSI. However, neither Protelion nor Infotecs products are on the publicly accessible list.

In view of the tense situation with Russia, however, this should no longer play a role. Protelion’s membership was dissolved by the club itself over the weekend. “The actions of Protelion GmbH are a violation of the association’s goals of the Cyber ??Security Council Germany e.V.”, said association president Hans-Wilhelm Dünn. The allegations in the room are not compatible with the fight against cyber crime and the promotion of cyber security.