Cybersecurity agency criticized as a double agent

The security cameras are seen in the Information Technology of Security Authorities headquarters in Munich
Watch the back door. Source: Reuters

Ten months before Anis Amri killed 12 people by driving a truck through a Berlin Christmas market last December, German police confiscated the Tunisian’s cellphone, which had 12,000 photos and videos stored on it. The police used a software program to trawl through them for suspicious images. Unfortunately, the software missed several photos showing him posing with weapons.

The case highlighted how crucial it is for security services to be equipped with well-functioning digital technology. To steel Germany’s defenses, Interior Minister Thomas de Maizière earlier this year founded a new cybersecurity agency called Zitis.

Its main job initially will be digital forensics, said head Wilfried Karl, referring to the analysis of large volumes of data. It will be a kind of trend scout, informing police and intelligence agencies about the latest developments in IT and encouraging companies to respond.

Mr. Karl’s most pressing problem is to find the right staff. There’s huge competition for IT specialists in the private sector and among government agencies, and they’ve got to be vetted extensively. Past contact with Russia, for example, immediately disqualifies candidates.

But staffing isn’t the only problem for the agency still getting up to speed. Zitis has already come under fire over its plans to detect security gaps in commercial software and exploit them to monitor terrorist communications. Zitis said it won’t use its hacking tools itself — rather it will hand them to other agencies that will seek legal authority to use them.

Want to keep reading?

Subscribe now or log in to read our coverage of Europe’s leading economy.