There is “great irritation” about Schönbohm, the Handelsblatt learned from ministry circles. The reason for this is Schönbohm’s connections to a controversial association that is believed to have contacts with Russian secret services. Co-founder and president of the association was Schönbohm until 2016.
The allegations against the BSI boss are taken “very seriously”. In addition, “all options would be examined” as to how he could be recalled from his post. In view of the process, the joint press conference planned for Thursday by Interior Minister Nancy Faeser (SPD) and Schönbohm to present the “BSI Management Report Germany 2022” was canceled.
The case is explosive. Because the accusations hit the BSI boss at a time when the risk of cyber attacks against Western countries has increased significantly due to Russia’s attack on Ukraine and Schönbohm’s authority is more in demand than ever.
Top jobs of the day
Find the best jobs now and
be notified by email.
It is no coincidence that Faeser said after the alleged sabotage of the Nord Stream 1 and Nord Stream 2 gas pipelines: “We have to prepare for scenarios that were hardly conceivable until recently. This requires strong security agencies with the necessary resources and powers.”
The minister also alluded to the BSI. According to the plans of the traffic light coalition, the federal cyber security authority is to be expanded to become the central office for cyber security.
Cyber Security Council Germany: Eon and Huawei are members
But now the project is being torpedoed by Schönbohm’s possible contacts with Russian secret service circles via the controversial association “Cyber-Sicherheitsrat Deutschland eV”. The connection of Schönbohm had previously been discussed by Jan Böhmermann in the program “ZDF Magazin Royale”.
Schönbohm is one of the co-founders of the “Cyber Security Council Germany eV”. The name of the association is almost identical to the state’s National Cyber Security Council – and has therefore been a thorn in the side of the Ministry of the Interior since it was founded in 2012. The association also secured the web address cyberSicherheitsrat.de.
The club deliberately gives itself a pseudo-government official look. The Ministry of the Interior therefore ordered that the security authorities should keep their distance from the club. The current club president Hans-Wilhelm Dünn is said to have close ties to Russia. In April 2019, the former Potsdam CDU local politician signed a memorandum on IT security together with a former high-ranking Russian secret service officer.
At the time, Dünn rejected the accusation that he had questionable contacts with Russia: “We are dependent on maintaining international lines of dialogue with all relevant actors. Relevant actors are also secret services or organizations with former members of the secret service.” At the time, Dünn had admitted contacts to Russian secret service agencies to the ARD magazine “Kontraste” and the weekly magazine “Die Zeit”.
In view of the ZDF reporting, the club president is now trying to justify himself by saying that he was “reproduced in abridged form” in the media. “Mr. Thin has not maintained any contact with active representatives of Russian state agencies,” the association said in a press release on Monday. “Rather, his statements generally refer to the maintenance of communication channels to all relevant actors in the international security sector.”
According to the association, its members include large and medium-sized companies, operators of critical infrastructures as well as numerous federal states and federal institutions, experts and political decision-makers related to cyber security. The list of members includes the energy giants EnBW, Eon and Vattenfall, the Chinese technology group Huawei, but also the German police union, the police union and the Federal Ministry of Health.
According to information from the Handelsblatt, Schönbohm had been advised several times to distance himself from the “Cyber-Sicherheitsrat Deutschland eV”. The country’s top IT security guard finally instructed the employees of his authority not to appear together with representatives of the association.
That’s exactly what Schönbohm did in early September. On the occasion of the tenth anniversary of the association, the BSI boss gave a speech at a ceremony with 200 invited guests from politics, business, science and society.
Greens: “Resolutely pursue” allegations against BSI boss Schönbohm
Among other things, the association has been criticized for its membership of the Berlin cybersecurity company Protelion. The company operated under the name Infotecs GmbH until the end of March. This is a subsidiary of the Russian cybersecurity company OAOInfotecs, which, according to information from the research network Policy Network Analytics, was founded by a former employee of the Russian intelligence service KGB.
According to the association, Protelion GmbH’s connections to Russian services were not known – nor was the BSI. The allegations of being influenced by Russian authorities are therefore “absurd”, said club president Dünn. Protelion GmbH and its predecessor Infotecs GmbH joined the association in June 2020. “Since then there have been neither talks nor joint projects with representatives of the company,” emphasized Dünn. Accordingly, “no influence” could take place on the club platform and in the environment of the club.
The chairman of the secret service control committee in the Bundestag, Konstantin von Notz (Greens), called for clarification about the events surrounding the BSI boss. “Regardless of Schönbohm’s personnel, the allegations in the room must continue to be investigated very resolutely,” von Notz told the Handelsblatt.
The SPD domestic politician Sebastian Fiedler was appalled by the allegations against Schönbohm and the reports on the activities of the IT company Protelion. “There has already been a major loss of confidence in the BSI,” Fiedler told the Handelsblatt. “Currently, there is hardly any other topic for corporate managers for cyber security.” Fiedler asked Schönbohm for an explanation as to why, after originally distancing himself from the association, he is now even “publicly advertising the dubious association president”.
For a long time there has been dissatisfaction in the Ministry of the Interior about Schönbohm’s role in and his dealings with the Cyber Security Council. The recent allegations and Schönbohm’s visit to the club’s anniversary have now apparently brought the last straw. However, according to a report by the “Business Insider” portal, the Federal Ministry of the Interior had been informed about Schönbohm’s speech at the association. Accordingly, Faeser’s State Secretary Markus Richter approved the lecture at Schönbohm’s request on August 24th.
Faeser is examining the dismissal of BSI boss Schönbohm
Critics have always considered Schönbohm to be the wrong choice. For them, he was a proven lobbyist for the IT industry, which is why they denied him the necessary neutrality.
His professional competence in security matters was also questioned. Constanze Kurz from the Chaos Computer Club described the 53-year-old as a “cyberclown” who was primarily an economist but not a security expert.
Dismissal of Arne Schönbohm not simply possible
Schönbohm is the son of former Brandenburg Interior Minister Jörg Schönbohm (CDU). The graduate business economist studied international business administration in Dortmund as well as in London and Taipei.
Professional stations included Daimler-Chrysler Aerospace and the aviation and armaments group EADS. Before being appointed head of the BSI by the then Interior Minister Thomas de Maizière (CDU), Schönbohm managed BSS BuCET Shared Services AG, a consulting firm for IT security.
Schönbohm is now on the verge of leaving as BSI boss. Because of the provisions of civil service law, however, he cannot simply be dismissed. The “Bild” newspaper reported that after the dismissal, a new job for Schönbohm and a successor for the BSI would be sought as soon as possible.
Security politicians also want a quick regulation. Green MP von Notz said the BSI was an “extremely relevant security authority”. Therefore, the turnaround in the area of IT security laid out in the coalition agreement with the SPD and FDP, especially with a view to the effective protection of critical infrastructures, “must be implemented politically with great determination and what has been neglected for years must be made up for as quickly as possible in the light of the current threat situation”. Above all, the Ministry of the Interior is called upon here, “which must understand the relevance of these topics for modern security policy”.
More: Warning level red: Security gap endangers the IT of numerous companies
First publication: 09/10/2022, 6:00 p.m. (last updated on 10/10/2022, 11:57 a.m.).