The EU’s foreign policy chief, Josep Borrell, said in a statement on behalf of the bloc that “the European Union and its Member States, together with international partners, strongly condemn the malicious cyber campaign conducted by the Russia-controlled Advanced Persistent Threat Actor 28 (APT28) against Germany and Czechia.”
“The malicious cyber campaign shows Russia’s continuous pattern of irresponsible behaviour in cyberspace, by targeting democratic institutions, government entities and critical infrastructure providers across the European Union and beyond,” the high representative said.
“The EU is determined to make use of the full spectrum of measures to prevent, deter and respond to Russia’s malicious behaviour in cyberspace,” he added.
Germany accuses Russia of cyberattack
Germany has said it has evidence that Russian state-sponsored hackers were behind an “intolerable” cyber-attack last year in which several websites were knocked offline in apparent response to Berlin’s decision to send tanks to Ukraine.
The German foreign minister, Annalena Baerbock, said a federal government investigation into the 2023 cyber-attack on the Social Democrat party (SPD) – part of Germany’s governing coalition and the party of chancellor Olaf Scholz – had just concluded.
“Today we can say unambiguously [that] we can attribute this cyber-attack to a group called APT28, which is steered by the military intelligence service of Russia,” she told a news conference during a visit to Australia. “In other words, it was a state-sponsored Russian cyber-attack on Germany, and this is absolutely intolerable and unacceptable and will have consequences.”
Prague says institutions targeted by Russian-controlled APT28
In a statement, the Czech foreign ministry said “Czechia jointly with Germany, the European Union, NATO and international partners strongly condemns activities of the Russian state-controlled actor APT28, who has been conducting a long-term cyber espionage campaign in European countries.”
The ministry said that “based on information from intelligence services, some Czech institutions have also been the target of cyber attacks exploiting a previously unknown vulnerability in Microsoft Outlook from 2023. The mode of operation and the focus of these attacks matched the profile of the actor APT28.”
