Germany, Czech Republic, US accuse Russia of cyberattacks, Moscow denies

AFP , Friday 3 May 2024

Germany, the Czech Republic and the US on Friday blamed Russia for a series of recent cyberattacks, prompting the European Union to warn of consequences over what they claim "malicious behaviour in cyberspace", as Russia denies being behind such actions.

Czech and Germany
Czech Republic s Interior Minister Vit Rakusan (R) and his German counterpart Nancy Faeser give a joint press conference at the German embassy in Prague, Czech Republic, on May 3, 2024. AFP


The accusations come at a time of strained relations between Moscow and the West amid Russia's war in Ukraine and the European Union's support for Kyiv.

German Foreign Minister Annalena Baerbock said a newly concluded government investigation found that a cyberattack targeting members of the Social Democratic Party had been carried out by a group known as APT28.

APT28 "is steered by the military intelligence service of Russia", Baerbock told reporters during a visit to Australia.

"In other words, it was a state-sponsored Russian cyberattack on Germany and this is absolutely intolerable and unacceptable and will have consequences."

APT28, also known as Fancy Bear, has been accused of dozens of cyberattacks in countries around the world.

The hacking attack on German Chancellor Olaf Scholz's SPD party was made public last year. Hackers exploited a previously unknown vulnerability in Microsoft Outlook to compromise e-mail accounts, according to Berlin.

Berlin on Friday summoned the acting charge d'affaires of the Russian embassy over the incident.

The Russian embassy in Germany said its envoy "categorically rejected the accusations that Russian state structures were involved in the given incident... as unsubstantiated and groundless".

Arms, aerospace targeted: Berlin

German Interior Minister Nancy Faeser said the cyber campaign was orchestrated by Russia's military intelligence service GRU and began in 2022. It also targeted German companies in the armaments and aerospace sectors, she said.

Such cyberattacks are "a threat to our democracy, national security and our free societies", she told a joint news conference in Prague with her Czech counterpart Vit Rakusan.

"We are calling on Russia again to stop these activities," Faeser added.

Czech government officials said some of its state institutions had also been the target of cyberattacks blamed on APT28, again by exploiting a weakness in Microsoft Outlook in 2023.

Czech Interior Minister Rakusan said his country's infrastructure had recently experienced "higher dozens" of such attacks.

"The Czech Republic is a target. In the long term, it has been perceived by the Russian Federation as an enemy state," he told reporters.

"The United States strongly condemns the malicious cyber activity by Russia's General Staff Main Intelligence Directorate (GRU), also known as APT28, against Germany, Czechia, Lithuania, Poland, Slovakia, and Sweden," the US State Department spokesman, Matthew Miller said in a statement.

"APT28, also known as Fancy Bear, Strontium, and Forest Blizzard, is a well-known threat actor with a long history of engaging in malicious, nefarious, destabilizing and disruptive behavior," he continued.

In particular, he said the United States has linked the group to interference in the 2016 elections that first brought Republican Donald Trump to power, and to operations targeting the World Anti-Doping Agency (WADA).


EU, NATO condemnation

The German and Czech findings triggered strong condemnation from the European Union.

"The malicious cyber campaign shows Russia's continuous pattern of irresponsible behaviour in cyberspace, by targeting democratic institutions, government entities and critical infrastructure providers across the European Union and beyond," EU foreign affairs chief Josep Borrell said.

The EU would "make use of the full spectrum of measures to prevent, deter and respond to Russia's malicious behaviour in cyberspace", he added.

State institutions, agencies and entities in other member states including in Poland, Lithuania, Slovakia and Sweden had been targeted by APT28 in the past, the statement added.

The latest accusations come a day after NATO expressed "deep concern" over Russia's "hybrid actions" including disinformation, sabotage and cyber interference.

The row also comes as millions of Europeans prepare to go to the polls for the European Parliament elections in June, and concerns about foreign meddling are running high.

Czech Foreign Minister Jan Lipavsky told AFP that "pointing a finger publicly at a specific attacker is an important tool to protect national interests".

One of the most high-profile incidents so far blamed on Fancy Bear was a cyberattack in 2015 that paralysed the computer network of the German lower house of parliament, the Bundestag. It forced the entire institution offline for days while it was fixed.

In 2020, the EU imposed sanctions on individuals and entities linked to the APT28 group over the incident.

Short link: