Finance
German authorities to get more powers against foreign hackers, draft law shows
Published by Global Banking & Finance Review®
Posted on February 27, 2026
2 min readLast updated: February 27, 2026
Quick Summary
Germany’s draft law grants law enforcement and security agencies expanded cyber‑defense capabilities—including redirecting traffic, shutting down IT systems, and deleting or altering data even on foreign servers, with oversight mechanisms and hefty penalties for non‑cooperation. It also boosts staff
German authorities to get more powers against foreign hackers, draft law shows
By Markus Wacket
BERLIN, Feb 27 (Reuters) - Germany will give law enforcement more powers to fight cyber attacks, allowing security forces to intervene and shut down IT systems and delete data, including on foreign servers, a draft law seen by Reuters on Friday showed.
Jolted by Russia's full-scale invasion of Ukraine in 2022, Germany is also beefing up is armed forces and wants to give its spy agencies broader powers to tackle hybrid threats, sensitive steps in a country wary of its Nazi past.
Interior Minister Alexander Dobrindt has previously announced that Germany must be better equipped to defend itself against cyberattacks from abroad, which German security services suspect often come from Russia. Moscow has denied launching hybrid attacks on Europe.
"Like law enforcement, prevention of threats does not stop at national borders when it comes to combating cyberattacks," the draft law said.
While not allowed to launch large-scale cyber counterattacks, the law would allow authorities to redirect data traffic, shut down IT systems, and, in serious cases, delete or alter data, including on foreign servers.
Interventions in private systems generally require a court order, which can be obtained up to three days after the fact in cases of imminent danger. Hundreds of new staff will be hired.
The Federal Office for Information Security, or BSI, will be authorised to conduct "threat hunting", allowing it to detect and counter preparations for a cyber attack at an early stage rather than after the damage has been done.
Digital service providers and internet service providers will be obligated to cooperate, and violations will be subject to fines of up to 20 million euros ($23 million), the draft law said.
($1 = 0.8470 euros)
(Writing by Matthias Williams, editing by Thomas Seythal)
Key Takeaways
- •Expanded powers: Agencies may shut down systems, redirect traffic, and delete or alter data—including on foreign servers—with court orders possible post‑fact in emergencies (yahoo.com)
- •Proactive defense: The Federal Office for Information Security (BSI) gains authority to conduct “threat hunting” to identify cyber threats early (yahoo.com)
- •Enforcement measures: Digital and internet service providers must cooperate or face fines up to €20 million; hundreds of new cybersecurity staff will be hired (yahoo.com)
References
Frequently Asked Questions about German authorities to get more powers against foreign hackers, draft law shows
1What new powers will German authorities receive under the draft law?
German authorities will be able to intervene in and shut down IT systems, delete or alter data, and redirect data traffic, including on foreign servers.
2Why is Germany introducing stricter cyber security measures?
Germany is responding to rising cyber threats, especially amid concerns over hybrid attacks linked to Russia following the invasion of Ukraine.
3Will German authorities be able to operate on foreign servers?
Yes, the proposed law allows authorities to act against foreign servers by shutting down systems or deleting data in serious cases.
4What obligations will internet service providers have?
Digital service and internet providers must cooperate with authorities, with violations subject to fines up to 20 million euros.
5What is 'threat hunting' as described in the law?
'Threat hunting' allows BSI to proactively detect and counter cyber attack preparations before damage occurs.
