Czech yourself, Russia! Prague says its foreign ministry was hacked for more than a year

Report claims that from 2016-2017 the FSB was reading agency's emails

Flag of czech republic on cobbled stret in prague. Photo by Shutterstock - editorial use only

The Czech Republic says that Russian government hackers were intercepting and snooping on communications for one of its agencies for more than a year.

An annual report from the Czech Security Information Service (BIS) covering the 2017 calendar year disclosed how, in the early months of the year, it uncovered a massive network breach at the office of the Ministry of Foreign Affairs (MFA).

According to the BIS report (PDF), published on Monday this week, the attackers were able to covertly sit on the network from 2016 to 2017, and gather massive amounts of correspondence from the highest levels of the ministry.

"The MFA electronic communication system had been compromised at least since the beginning of 2016 when the attackers accessed more than 150 mailboxes of the MFA staff and copied emails, including attachments," the report reads.

"They thus obtained data that may be used for future attacks, as well as a list of potential targets in virtually all the important state institutions. The attackers focused mostly on mailboxes of top ministry representatives. They accessed their mailboxes in a repeated, long-term and irregular manner."

The attack was one of two operations targeting the MFA, with the second being a brute-force attack on email logins that occurred in December of 2016. The BIS did not say whether that attack found much success.

MOSCOW, RUSSIA, JANUARY 2017: Russian traditional toy - Matryoshka with a portrait of Putin and Trump. showcase souvenir kiosk Editorial credit: dimbar76 / Shutterstock, Inc.

Trump wants to work with Russia on infosec. Security experts: lol no

READ MORE

The report goes on to name Russia's FSB and GRU agencies as the people behind the attack, with the BIS saying there was "clear" evidence the Russians were responsible for both attacks.

"Most likely, those two incidents were not interrelated," the report claims.

"All the findings make it clear that it was the Turla cyberespionage campaign, originating from the FSB, a Russian intelligence service, and APT28/Sofacy, which is credited to the Russian military intelligence, the GRU."

This isn't the first time the FSB has been accused of doing Moscow's cyber-espionage dirty work. The intelligence agency was said to have been a key player in the massive Yahoo data breach and the bugging of an NSA programmer's home machine via Kaspersky Antivirus. ®




Biting the hand that feeds IT © 1998–2018