Brussels (Brussels Morning) – The European Union and its allies strongly condemn APT28 cyber attacks on Germany and Czechia, highlighting Russia’s pattern of irresponsible behaviour in cyberspace. EU vows to combat such malicious activities.
The European Union and its Member States, together with international allies, strongly denounce the malicious cyber campaign executed by the Russia-controlled Advanced Persistent Threat Actor 28 (APT28) against Germany and Czechia.
Which Nations Have Been Targeted by APT28 Cyber Attacks?
Today on 3 April 2024 Germany has conveyed publicly its review of APT28 compromise of various e-mail accounts of the German Social Democratic Party executive. The 2023 attacks, in which multiple websites were knocked offline in obvious response to Berlin’s decision to dispatch tanks to Ukraine, have been accused of a hacker group linked to Russian military intelligence. It exploited a then-unexplored vulnerability in the Microsoft Outlook email service and, according to German officials, compromised the servers of affected companies.
At the same time, Czechia reported its institutions have been a target of this cyber movement. State establishments, agencies and entities in the Member States, including Poland, Lithuania, Slovakia and Sweden have been targeted by the same threat actor before. In 2020, the EU inflicted sanctions on individuals and entities liable for the APT28 spells targeting the German Federal Parliament in 2015.
What Is APT28 and Its Alias?
APT28 also understood as Fancy Bear or Pawn Storm, has been indicted of dozens of cyber-attacks in nations around the world. The UK’s National Cyber Security Centre has defined the unit as “a highly skilled threat actor” that has “used tools including X-Tunnel, X-Agent and CompuTrace to penetrate target networks”.
The malicious cyber campaign demonstrates Russia’s continuous pattern of irresponsible behaviour in cyberspace, by targeting democratic institutions, government entities and critical infrastructure providers across the European Union and beyond.
What is the European Union’s Response to APT28 Attacks?
Press of the European Council states that this type of behaviour is defiant to the UN norms of responsible state behaviour in cyberspace, such as damaging the use and operation of critical infrastructure. Violating international security and stability, Russia has continually leveraged APT28 to conduct malicious cyber activities against the EU, its Member States and international partners, most notably Ukraine.
How Will the EU Address Russia’s Malicious Cyber Behavior?
The EU contended that it will not accept such malicious behaviour, particularly activities that seek to degrade our critical infrastructure, weaken societal cohesion and influence democratic procedures, mindful of this year’s elections in the EU and in more than 60 countries around the world. The EU and its Member States will persist in cooperating with EU international partners to facilitate an open, free, stable and secure cyberspace. The EU is determined to make use of the full spectrum of measures to prevent, deter and respond to Russia’s malicious behaviour in cyberspace.
