An audit report of the „Club de Berne“ finds serious deficiencies in the Austrian domestic intelligence service. Its IT systems were not approved for secret information. The authority should also ensure that it is not infiltrated by „extremist organisations“.
The Austrian Federal Office for the Protection of the Constitution and the Fight against Terrorism (BVT) is regarded as a security gap for European intelligence cooperation. This is the conclusion reached by the European „Club de Berne“ in an audit report. The document classified as „secret“ was leaked to the daily newspaper „Österreich“ and published.
Following an intervention by the government in Vienna, however, the editorial staff took essential parts offline again, and the public prosecutor’s office is now investigating for „treason of state secrets“. Netzpolitik.org was able to inspect the report, the authenticity of which was confirmed by the current Minister of the Interior, Wolfgang Peschorn. It contains 156 „observations“, „recommendations“, „advice“ and „expectations“.
The „Club de Berne“ is the organisation of the directors of all domestic secret services of the EU Member States, Norway and Switzerland. The informal association was founded in 1969 to discuss the political and strategic direction of European intelligence cooperation. The BVT, which also provides the Criminal Investigation Office in Austria and therefore has police powers, participates in the „Club de Berne“ as a protection of the constitution.
In 2001, the alliance created a Counter Terrorism Group (CTG) for operational cooperation. Since 1 July 2016, the Club and its CTG also run an „operational platform“ in The Hague. There, the secret services maintain a common database and a real-time information system.
British, German and Swiss members send „experts“
The cover page of the secret document shows the coat of arms of the „Club de Berne“, on which a cross and 27 stars are to be seen next to the bear of the Bernese coat of arms. 30 services are currently participating. The symbol of the „Soteria“ working group, which was responsible for examining BVT, is also depicted.
According to the report, the UK currently chairs the „Club de Berne“. The audit on 13 February this year was conducted under the auspices of the British National Intelligence Service MI5. The German Federal Office for the Protection of the Constitution (BfV) had sent further „experts“.
A secret service with the abbreviation FIS is also named. This is probably the Swiss Federal Intelligence Service, which is described internationally as the „Intelligence Service of the Federation“. As „cyber security experts“, members of the Lithuanian State Security also took part in the inspection.
Report makes secret systems known
All information about the databases and networks of the „Club de Berne“ and the CTG are secret. The German Government does not answer any questions about this either and calls the club „Masters of Information“. The audit report now reveals the information systems of the secret services. They all bear names from Greek mythology.
The computer network of the intelligence group is therefore called „Poseidon“. The national contact points of the participating secret services are connected to it. Officers can send messages, make telephone calls or hold video conferences. The network also contains a CTG database called „Phoenix“. Whether this is the „operational platform“ remains unclear. Finally, the intelligence cloud includes other Internet services that are available under the name „Neptune“.
The BVT’s internal network in Austria is also linked to „Poseidon“ and uses it to exchange sensitive information with other services in the „Club de Berne“. The review report expressly criticises the fact that the Austrian facility does not have a licence for secret or top secret information. Authorised persons are allowed to bring mobile phones into the building and can thus take pictures of classified information. In addition, the BVT network is connected to the Internet. Employees may access it from outside without twofactor authentication. According to the report, the information systems of the „Club de Berne“ could thus also be compromised in this way.
Employees should communicate planned trips
To ensure that the BVT can continue to participate in the exchange with the „Club de Berne“, the Austrian secret service is to cut off all Internet connections in its internal network. Until then, sensitive documents from other services should only circulate printed out in the authority.
According to the secret report, the BVT has inadequate systems for detecting intrusions into its computer network. The service should therefore improve its cyber defence. Another criticism is that the BVT uses four antivirus programs, but one of them is a program from the Russian company Kaspersky (reports in the Austrian media that four antivirus programs from the Russian company have been installed are not correct, according to the audit). Finally, the BVT is to improve the emission protection of devices used for secret or top secret exchange.
The „Club de Berne“ recommends that the BVT improve the security vettings for its own and external staff. The secret service should set up a department to check their admissibility. The new department should have the competence to make „final decisions“ on security matters. According to the report, BVT employees should be obliged to disclose planned trips to „specific countries“ in the future. These could then be prohibited under certain circumstances. The countries concerned are not mentioned, but at another point in the report Russia is mentioned as an „hostile state actor“.
Right-wing extremists in BVT?
At the time of the review, the Austrian Ministry of the Interior was led by the right-wing FPÖ politician Herbert Kickl. Kickl initiated a raid on BVT, during which storage devices of a department against right-wing extremism were confiscated without a known cause. According to media reports, his head of cabinet, Reinhard Teufel, had „intensive contact“ with the right-wing extremist „Identitarians“ in Austria. There was also suspicion that Teufel had warned the „Identitarian“ boss Martin Sellner, who received a donation from the assassin before the massacre in Christchurch, New Zealand, against a police raid.
During Kickl’s term of office, the BVT also founded a secret „observation unit“ whose target persons at the time are still unknown. The authority was focusing on critical journalists and a representative of the former green NEOS party. The incidents triggered a domestic political scandal in Austria and were dealt with in a parliamentarian inquiry, but not fully cleared up. Now a Salzburg state police director is to investigate further, but first he wants to find the person who leaked the secret document of the „Club de Berne“ to the newspaper „Österreich“.
Also the secret service club speaks in its audit about possible extremism in the BVT. Among other things, the report deals with the advocacy of violence. However, the BVT should also explicitly exclude extremist employees if no „propensity for committing acts of violence“ is known about them. Under point 116 of its observations, the report mentions political infiltration by an „insider“ as one of the main dangers, as „employee, contractor or visitor“. The „Club de Berne“ therefore advises the BVT to add further questions to the security vettings. In future, employees should be asked whether they belong to „extremist organisations“.
Investigations into right-wing extremist Bundeswehr soldier Franco A.
According to media reports, the governments of Great Britain and the Netherlands had considered discontinuing cooperation with Austria within the framework of the „Club de Berne“ because of security concerns. The German government was also said to have questioned further cooperation. The questionable raid on the BVT might have resulted in a breach of data that was supplied from Germany. Among other things, German authorities exchanged information on the actions of the „Identitarians“. The terrorism investigations by German authorities into the right-wing extremist soldier Franco A. were also carried out in cooperation with BVT.
In the meantime, the German Federal Government is endeavouring to present its relationship with BVT as unclouded. A year ago, the Federal Ministry of the Interior wrote that the BfV regarded the „process as completed“ and said to continue to cooperate with BVT. Last week, however, the Federal Government did not want to answer details of the review of BVT publicly. If it became known in which form the BfV would participate, the „welfare of the state would be endangered“.
Secret service group demands renewed control
According to the audit report, the „Club de Berne“ demanded that the Ministry of the Interior in Austria agree to a further visit of its working group „Soteria“. During their first visit, the auditors also wanted to inspect BVT departments involved in operational investigations („working areas“). However, this access had been denied to them in February. The BVT had argued that „no club information is handled in these areas“. „Soteria“ also requested certain documents, which the BVT refused to provide.
Following a decision by the National Security Council, the Austrian government now intends to reorganise the BVT. All the demands of the „Club de Berne“ are to be implemented so that the authority once again might become a „reliable partner for international partner services“ again.
The BVT was advised by the former German State Secretary Klaus-Dieter Fritsche. Until 2018, Fritsche was responsible for coordinating the secret services in the Federal Chancellery. In Austria he allegedly received 8,777 euros per month for three quarters of a year. He formally reported his new employment in Austria to the German federal government as a former employer on 13 February 2019 – the day on which the „Club de Berne“ reviewed BVT. His mission was supposed to end when the Club Plenary met in London in the middle of October to discuss the Austrian matter.
Image: Computer network of the „Club de Berne“ with national contact point at BVT. It is connected to the Internet without special security (Club de Berne).