Germany moves toward legalised offensive cyber operations
Germany is drafting laws to expand BND cyber powers abroad and enable “active cyber defense,” accelerating Europe’s shift toward offensive cyber doctrine.
Key facts
- Germany is drafting two bills: one to expand BND authority for cyber operations abroad, another to enable stronger “active cyber defense” by security services.
- Interior Minister Alexander Dobrindt publicly endorsed disrupting attackers and destroying infrastructure, including abroad.
- The proposals may face constitutional hurdles for intelligence-law changes, while the “active cyber defense” bill is said not to require constitutional amendment.
3 minute read
Berlin is preparing a significant recalibration of its cyber posture by drafting two legislative packages intended to move Germany from a predominantly defensive framework toward legally enabled offensive cyber operations. According to the Interior Ministry, one proposal would revise the mandate of Germany’s foreign intelligence service (BND) to allow cyber operations abroad, while a second would broaden authorities’ ability to conduct “active cyber defense” against serious threats and hybrid interference. The political messaging is unusually explicit for Germany: Interior Minister Alexander Dobrindt has publicly argued that the state should “fight back, even abroad,” including disrupting attackers and destroying their infrastructure.
The proximate drivers are persistent Russian-linked espionage and disruptive campaigns, alongside a wider mix of hybrid incidents affecting German critical functions. The source text cites high-profile intrusions attributed to Russian intelligence services, including the 2015 Bundestag breach and a 2024 hack of the governing Social Democratic Party, as well as disruptions ranging from drone incursions over Berlin and Munich airports to a cyberattack on Germany’s air traffic control system. The timing also aligns with the Munich Security Conference’s agenda focus on hybrid aggression and cyberespionage in critical networks, reinforcing that the reforms are as much about signaling resolve as about new authorities.
For European stakeholders, Germany’s move matters because it would further consolidate an EU/NATO trend toward overt offensive cyber doctrine, joining France and the Netherlands—both referenced as having incorporated offensive capabilities into recent strategies—and echoing Baltic arguments that offensive action may be an effective response to state-backed cyberattacks. If Germany operationalises hack-backs with credible oversight, it could shape norms for proportionality, command authority, and cross-border coordination, and influence how EU members integrate cyber effects into deterrence by denial and punishment.
However, the legislative route is likely to be contested. The draft aimed at intelligence law reform may require constitutional changes, which would demand a two-thirds majority in the Bundestag and approval in the Bundesrat. The Interior Ministry indicates the “active cyber defense” package for law enforcement would not require constitutional amendment, positioning it as the faster-moving element. Critics and analysts cited warn that implementation will hinge on legal clarity, attribution confidence, and escalation management—particularly if operations touch foreign-state territory in peacetime. Parliamentary oversight is emerging as a key political condition, with coalition voices supporting expanded BND powers if controls are strict, while opposition voices question legal feasibility and warn that domestic protection and resilience remain underdeveloped relative to the rhetoric.
Source: POLITICO Europe
