The Czech Republic has reportedly accused Russia of unauthorized access to the mailboxes of some of its top-level officials. According to the Czech Security Information Service (BIS) Annual Report, these attacks were launched between 2016 and 2017.
The hackers allegedly targeted prominent officials working with the Ministry of Foreign Affairs, Czech Army, and the Ministry of Defence. Furthermore, the CIS has reportedly stated that Russia lodged two cyber-attacks in order to access confidential information.
During the most recent attack, the hackers accessed the email IDs of their targets and to avoid any suspicion, the hackers accessed these accounts after irregular intervals. The hackers mainly targeted the top-notch Government officials and the attackers allegedly used the data from these accounts to hack into several other accounts, using brute force.
BIS has identified two attackers, Turla and APT28, who are known to be connected to the Russian Government. While Turla, an agency that employs state of the art Technology has long since been funded by the Russian Government, the APT28 remains associated with the Russian Military Intelligence. As they advise within the report (translated);
All the findings make it clear that it was the Turla cyberespionage campaign, originating from the FSB, a Russian intelligence service, and APT28/Sofacy, which is credited to the Russian military intelligence, the GRU.
During 2016 and 2017, the attackers allegedly accessed the emails of over 150 top officials of the Ministry of Foreign Affairs. However the BIS figured it out by early 2017, but for a year the email accounts of these officials remained vulnerable. During the second attack in December 2016, the hackers resorted to using brute force in order to access numerous mailboxes. In yet another attempt, SQL Database was injected with malicious code.
It may be recollected that during the same period, several other European countries were attacked. At the same time, during the 2016 US Presidential campaign, the Democratic Party’s server was attacked. Of course this is not the first time when Russia has been accused of using modern-day technology to penetrate into the secrets of another nation.