Czech strategic state institution was target of attack last year, according to cyber defence agency

The Czech Republic’s National Cyber and Information Security Agency (NCISA) has issued a report in which it says that one of the country’s strategic state institutions was a target of cyber espionage in 2019. The source of the espionage was likely the group Sofacy associated with Russia’s GRU military intelligence service, according to the document which Czech Radio’s flagship station Radiožurnál has obtained.

Another group, which the NCISA says was active in cyberspace, was Winnti, associated with the People’s Republic of China. Winnti hackers attacked German companies such as Bayer, Siemens, BASF and Henkel in the past year, but no attacks were registered in the Czech Republic. NCISA believes the group is focused on cyberespionage focusing on industry, state organs and the media, and could conduct similar attacks on the Czech Republic in the future.

The NCISA received reports of 217 successful cyberattacks last year, 50 more than in 2018. The attacks have also been more sophisticated than in the past. In more than half of the cases the attackers get into the system through spam, or fake emails. The NCISA gathered the data via a survey it sent to 125 state institutions and businesses. The most common attackers were cybercriminals, followed by foreign state actors.