The Security Information Service (BIS) of the Czech Republic annual report published on Monday states that Russia’s intelligence services were behind last year's cyber-attacks targeting the Czech Foreign Ministry. Attackers broke into Czech Ministry of Foreign Affairs (MFA) information systems and got access to over 150 employees email addresses, copying letters and attachments to them.
According to the document, the responsibility for two separate attacks on the country's Foreign Ministry partly lies with the Russian espionage group of hackers APT28, which is associated with the Russian authorities, and is also believed to be responsible for cyber-attacks in Germany and the United States.
During an attack on the MFA information systems, hackers gained access to more than 150 employees email addresses and copied letters and attachments. As a result, cybercriminals got hold of “data that could be used for future attacks, as well as a list of potential targets in virtually all important state institutions,” says the report.
“All the findings make it clear that this was the espionage campaign, originating from the FSB, the Russian intelligence service, and APT28 / Sofacy, which is linked to the Russian military intelligence, the GRU,” notes BIS.
Last year, the Czech Foreign Ministry suggested that a foreign country was behind the cyber-attacks, but stated that no confidential data was compromised.
The new report, as well as the previous ones, states that Russia’s intelligence officers continue to work under diplomatic cover as part of a hybrid strategy against the European Union and NATO member countries.