The government of Czech has accused the People’s Republic of China of Leddering a highly complicated spy network against Czech’s Ministry of Foreign Affairs.
The announcement, on Wednesday, appears to be a major escalation in diplomacy and reflects mounting alarm about state-backed cyber activities targeting European countries.
The attack, which started in 2022, involved an unclassified communication network in the Foreign Ministry and hit a critical infrastructure institution, the Czech government said in a statement.
A thorough investigation by the Czech Security Information Service (BIS), Military Intelligence (VZ), the Office for Foreign Relations and Information (ÚZSI), and the National Cyber and Information Security Agency (NÚKIB) concluded that APT31 was responsible for the operation. This collective is publicly linked to the Chinese Ministry of State Security.
Strongly condemns the despicable attack and said that it erodes trust in China and contravenes the universal principles of responsible state behaviour in cyberspace.
He disclosed that he had called in the Chinese ambassador to Prague to make clear the Czech Republic’s vehement disapproval and the harm hostile actions were doing to relations between the two countries.
Lipavský said a new, more secure communications system would also be installed at the Foreign Ministry, which had fallen victim to the outdated technology used for the current system.
Czech authorities said the breach did not contain classified information, but that the attack led to the compromise of internal communications and was serious threat to national security. Asian-focused files were said to have been the criminals’ principal concern.
The EU, NATO, and numerous European nations have expressed solidarity with the Czech Republic following the cyber attack. NATO warned in a statement on the worsening trend of nefarious cyber activities originating out of China, highlighting the threat posed to national security, democratic institutions and critical infrastructure. EU officials expressed the same opinion, asking China to respect international norms and principles in cyberspace.
It is also the first time that the Czech Republic has explicitly connected a recent national cyberattack to a state-backed actor. The government has urged China to stop such activities and bear the responsibility of ensuring that its territory would not be used to launch attacks using malicious code.
The mishap highlights the ongoing difficulties countries have in guarding against government-supported cyber espionage and the potential for such assaults to complicate diplomatic relationships.
