Czech Republic Accuses China's APT31 of Cyberattack on Its Foreign Ministry
The Czech government has condemned China's APT31 cyber espionage group for a malicious attack on its critical infrastructure, in what is the latest escalation of tensions between the two nations.
A joint investigation by Czech intelligence agencies led to a "high-degree of certainty" in attributing the attack to China. The attack, which lasted from 2022, targeted an unclassified system at the Czech Ministry of Foreign Affairs and remained undetected for nearly two years.
The Attack: What We Know
According to officials, the cyber campaign was perpetrated by APT31, a group that is publicly associated with the Ministry of State Security. The attack threatened national security and contradicted China's public statements.
The affected systems have since been rebuilt and isolated, but no technical details on the intrusions or what was stolen were included in the joint statement issued by Czech intelligence and agencies.
Global Response
The European Union (EU) expressed strong support and solidarity with Czechia following the cyberattack. In a separate statement, the EU condemned APT31 activity and warned that Chinese hackers have ramped up attacks against member states.
"We strongly condemn malicious cyber activities," said the EU. "We call upon all states, including China, to refrain from such behaviour, to respect international law and to adhere to the UN norms and principles, including those related to critical infrastructure."
The North Atlantic Council also condemned the attack, saying it threatened national security, democracy, and infrastructure.
APT31: A Decade-Long Cyber Threat
APT31, also known as Zirconium or Judgment Panda, has been operational for more than a decade. The group has stolen diplomatic cables, industrial designs, and political strategy documents from Europe, North America, and Asia.
Last year, the United States and United Kingdom unsealed criminal charges and sanctions against members of the group for what prosecutors described as a broad effort to "facilitate the MSS's political-and economic-intelligence objectives."
China Denies Allegations
China denied the allegations in a statement issued by its embassy in the Czech Republic.
"The Chinese government strongly condemns the accusations and requests the relevant authorities of the Czech Republic to provide more information about this issue," said the statement.
A Growing Trend of Malicious Cyber Activity
NATO's North Atlantic Council also raised serious concerns about the growing trend of malicious cyber activity coming from China.
"The malicious cyber activity targeting the Czech Republic underscores that cyberspace is contested at all times. We observe with increasing concern the growing pattern of malicious cyber activities stemming from the People’s Republic of China."