What we know about Russian cyberattacks that hit Germany and the Czech Republic

What we know about Russian cyberattacks that hit Germany and the Czech Republic
What we know about Russian cyberattacks that hit Germany and the Czech Republic

Wave of Russian cyberattacks in Europe. This Friday, Germany and the Czech Republic accused Russian hackers supported by Moscow of cyberattacks, “strongly” condemned by the European Union.

What happened ?

Berlin denounced an “intolerable” cyberattack against members of the German Social Democratic Party, which took place in January 2023. “Today we can say without ambiguity that we can attribute this cyberattack to a group called APT28, which is led by Russia’s intelligence services,” said German Foreign Minister Annalena Baerbock, as the federal investigation into this attack has just been concluded. “In other words, this was a Russian-backed cyberattack against Germany and it is absolutely intolerable and unacceptable,” she added.

The Czech Foreign Ministry also said on Friday that Prague had repeatedly been the target of cyberattacks orchestrated by a group with links to Russian military intelligence. “Some Czech institutions have been the target of cyberattacks exploiting a previously unknown vulnerability in Microsoft Outlook from 2023,” the ministry said in a statement.

Who did these cyberattacks target?

The SPD, the party of German Chancellor Olaf Scholz, was targeted by a cyberattack in 2023. The European Union’s IT security agency noted at the time information from the German press indicating that a person responsible for this party had been targeted by a cyberattack “possibly resulting in a possible disclosure of data”. This information reported “concrete signs” of a Russian origin, according to the agency.

The German government clarified that the campaign attributed Friday to Russian hackers had not only targeted political parties but also “government services, companies in the logistics, arms, aerospace sectors and several foundations and associations”.

The Czech Foreign Ministry said the cyberattacks had targeted “certain Czech institutions,” without giving further details. These infrastructures have recorded “several dozen” attacks, he however specified.

What is APT28?

Berlin has accused the Russian hacker group APT28 of being responsible for the cyberattacks against the SPD. The Czech Foreign Ministry also singled out this group, referring to the “modus operandi and objectives of these attacks”.

Also known as “Fancy Bear,” APT28 is accused of being responsible for dozens of cyberattacks around the world. “With disregard for international security and stability, Russia has repeatedly exploited APT28 to carry out malicious cyber activities against the EU, its Member States and its international partners, including Ukraine,” denounced Friday in a press release from the Council of the European Union, recalling that officials of this group were subject to EU sanctions in 2020 for their involvement in cyberattacks that targeted the German Parliament in 2015.

In France, APT28 carried out cyberattacks “for espionage purposes” against “governmental entities, companies, universities, as well as research institutes and think tanks”, according to a report published in October 2023 by the National Agency for Information Systems Security (Anssi). The group is notably accused of being at the origin of “MacronLeaks”, i.e. the hacking and dissemination of thousands of internal documents to the entourage of future President Emmanuel Macron during his 2017 campaign, recalls L’Express.

What reactions?

The German government indicated on Friday that it had summoned the charge d’affaires of the Russian embassy to explain itself, “a clear diplomatic signal (…) to make it clear to the Russian government that we do not accept these actions”, declared a spokesperson for the German Foreign Ministry.

The charge d’affaires of the Russian Embassy in Berlin “rejected accusations of involvement of Russian state structures in the matter in question, and the activities of the APT28 group in general, as being without evidence and unfounded », indicated on Telegram the Russian diplomatic mission in Germany.

The European Union also “strongly” condemned these cyberattack campaigns, the head of diplomacy of the Twenty-Seven, Josep Borrell, said on Friday on behalf of the member states. Brussels “is determined to use a range of measures to prevent, deter and respond to Russia’s malicious behavior in cyberspace,” he added in a statement.



PREV Cannes: an explosive biopic on Trump marks the halfway point of the festival – 05/21/2024 at 04:05
NEXT “We are going to lower prices and hire cashiers,” (Philippe Palazzi, CEO of Casino)