Czech government holds China responsible for cyber-attack on Ministry of Foreign Affairs network
Following an extensive investigation, the Czech government is holding China responsible for a “malicious cyber campaign” that targeted a confidential network of the Ministry of Foreign Affairs. Consequently, the Chinese Ambassador to Czechia was summoned to the ministry on Wednesday.
On May 28th, the Czech Ministry of Foreign Affairs released a statement that firmly points the finger of blame for a serious cyber-attack at the People’s Republic of China. Its target was one of the ministry’s communication networks, referred to in the statement as “critical infrastructure”. The substantial attack began in 2022, since which time the perpetrators are thought to have gained access to unclassified internal documents and thousands of private emails, including those sent during Czechia’s second Presidency of the Council of the European Union.
An investigation conducted jointly by the Security Information Service, Military Intelligence, the Office for Foreign Relations and Information, and the National Cyber and Information Security Agency identified the actor behind the cyber-attack as APT31, a cyber-espionage group associated with the Chinese Ministry of State Security.
Spokesman Daniel Drake expressed the ministry’s view and the wider implications of the attack:
“This action undermines the credibility of the People's Republic of China and contradicts its public statements as well as the commitments and norms to which China has committed itself in the UN. We have called on China to abide by these commitments and principles, to refrain from similar attacks in the future, and to take appropriate measures in light of this situation.”
As a consequence of the investigation’s findings, China’s Ambassador to Czechia, Feng Biao, was summoned to the Ministry of Foreign Affairs on Wednesday, where Minister Jan Lipavský formally protested the cyber-attack. The Chinese embassy in turn refuted the accusation and defended itself, citing a lack of “clear and reliable evidence” for a connection between the cyber-attack and China.
The Foreign Minister added that a different communication system came into use in July 2024, one that is not connected to the Internet. This means that a repeat cyber-attack is not possible. He also stated that the ministry inherited the problem from previous governments, during whose tenure there were more such incidents.
Leaders and officials from other members of the EU and NATO have conveyed solidarity with Czechia, Minister Lipavský stated:
“We are not alone in this. The EU and NATO are fully behind us, and they have expressed their public support. We have also provided them with certain details from the investigation, so it’s not just a matter of trust.”
Secretary General of NATO Mark Rutte has stated that the cyber-attack is part of a pattern that NATO is following “with increasing concern”. He called on all countries, China included, “to refrain from malicious cyber activities [and] to uphold international law”.
