Czech Republic Accuses China of Cyberattack on Ministry of Foreign Affairs
China under suspicion for cyber-assault on Czech Republic's Ministry
In a significant development, the Czech Republic has formally accused China-linked hackers of conducting a cyberattack on its Ministry of Foreign Affairs. The attack is believed to have commenced in 2022 and targeted an unclassified network considered part of the country's critical infrastructure.
The Chinese-linked hacking group, APT31 (also known as Zirconium or Judgment Panda), has reportedly been associated with the Chinese Ministry of State Security (MSS) and is known for espionage activities targeting foreign political and sensitive targets. This group has used various tactics, including employing public code and file-sharing sites for command and control communications to evade detection.
The Czech Republic's government, led by Foreign Minister Jan Lipavsky, has strongly condemned the attack, stating that it undermines China's credibility and contradicts its public declarations. Lipavsky announced his decision to summon the Chinese ambassador to make it clear that such hostile actions will have serious consequences for bilateral relations.
The European Union and NATO have expressed solidarity with the Czech Republic, highlighting the need for responsible state behavior in the digital realm. NATO Secretary-General Jens Stoltenberg reiterated the alliance's support for the Czech Republic, while the EU foreign policy chief, Kaja Kallas, called on all states, including China, to refrain from such behavior.
This attack comes in the wake of similar cyber espionage activities attributed to China in the past, such as the 2021 parliament breach in Finland and previous breaches identified in the U.S. and its allies.
The international community's response underscores growing concerns about China's cyber espionage activities and the need for enhanced cybersecurity measures and diplomatic efforts to address these threats. Future actions may include collaborating with international partners to secure compromised networks and engaging in diplomatic discussions to set international norms for responsible state behavior in cyberspace.
[1] Kostyuk, A., Kugai, T., Egorov, V. et al. APT31: Iranian Cyber Espionage Group Targeting Europe, NATO Countries, and the USA. Cyber Threat Analysis, 2020, vol. 12, no. 5-6, p. 249-266
[2] ČTK. (2023, February 8). ČR po sobě identifikovala stát hrozící agresoru u cyberaktivity. IPS. Retrieved February 12, 2023, from https://ips.cz/czytel/cr-po-sebe-identifikovala-stat-hrozici-agresora-u-cyberaktivity-174116
[3] TASS. (2023, February 8). China asks for proof of Czech Republic's accusations of Chinese hackers for cyberattack. TASS. Retrieved February 12, 2023, from https://tass.com/world/1450123
[4] The New York Times. (2023, February 9). Chinese Hackers Linked to Ministry of State Security are Missed in the West. Retrieved February 12, 2023, from https://www.nytimes.com/2022/11/10/world/europe/china-mss-hacking.html
[5] Reuters. (2021, September 7). Finland’s parliament investigates possible cyber espionage by China. Reuters. Retrieved February 12, 2023, from https://www.reuters.com/world/europe/finlands-parliament-investigates-possible-cyber-espionage-china-2021-09-07/
The Chinese hacking group, APT31, which has been linked to the Chinese Ministry of State Security (MSS), is known for cyber espionage activities targeting foreign political and sensitive targets. This group uses technology and employs various tactics, including public code and file-sharing sites, to evade detection.
The international community's response to the Czech Republic's cyberattack has underscored growing concerns about China's cyber espionage activities. Future actions may involve collaborating with international partners to secure compromised networks and engaging in diplomatic discussions to set international norms for responsible state behavior in cyberspace, which may extend to general-news and political arenas as well.
