‘China has been persistently trying to undermine our resilience and democracy,’ the Czech foreign minister said.
The Czech Republic said on May 28 that a cyberattack on its foreign ministry’s unclassified network was carried out by Chinese state hackers.
Czech authorities accused APT31, a hacking group associated with China’s Ministry of State Security, of conducting the cyber espionage campaign since 2022, according to a statement published on the foreign ministry’s website. The attacks also impacted an unspecified institution considered critical infrastructure by the government, it added.
“China has been persistently trying to undermine our resilience and democracy,” the Czech foreign ministry said in a post on social media platform X. “Through cyberattacks, information manipulation, and propaganda, it interferes in our society—and we must defend ourselves against it.”
Foreign Minister Jan Lipavsky said in a separate X post that he has summoned the Chinese ambassador “to make clear that such hostile actions have serious consequences for our bilateral relations.”
He mentioned that following the breaches at the ministry, a new communications system with enhanced security measures has been introduced.
APT31, or “Advanced Persistent Threat 31,” is a collection of Chinese state-sponsored intelligence officers, contract hackers, and support staff that “conduct malicious cyber operations” on behalf of the regime’s State Security Department in China’s Hubei Province, according to the U.S. Treasury Department.
U.S. officials have accused the hacking group of engaging in a 14-year cyber espionage campaign that has targeted foreign officials, academics, journalists, and companies.
On March 25, 2024, the United States and the United Kingdom responded by imposing sanctions on a China-based company and individuals linked to the APT31 hacking group.
As part of the coordinated effort, the U.S. Justice Department issued an indictment on the same day against seven Chinese nationals for the cyber espionage activities. According to federal prosecutors, victims in the United States included senior White House officials, members of Congress, and officials at the Justice, Commerce, Treasury, and State departments.
The hacking group also victimized “every European Union member” of the Inter-Parliamentary Alliance on China, an alliance of lawmakers from democratic countries focused on constructing a coordinated response to challenges posed by communist China, the court document shows.
Reaction
The intrusions into the Czech infrastructure by Chinese state actors are alarming to the European Union and NATO.
EU foreign policy chief Kaja Kallas said in a May 28 statement that the EU member states have been experiencing a rise in malicious cyber activities originating from China in recent years.
Kallas expressed strong condemnation over malicious cyber activities, saying that they go against “the United Nations framework of responsible state behaviour in cyberspace.”
“We call upon all states, including China, to refrain from such behaviour, to respect international law and to adhere to the UN norms and principles, including those related to critical infrastructure,” Kallas said.
NATO Secretary General Mark Rutte also expressed solidarity with the Czech Republic in a separate statement.
“Cyber threat actors persistently seek to destabilise the Alliance,” NATO said. “We remain committed to expose and counter the substantial, continuous and increasing cyber threat, including to our democratic systems and critical infrastructure.”
