[BreachExchange] Hackers target Czech foreign ministry's email system

Audrey McNeil audrey at riskbasedsecurity.com
Tue Jan 31 19:09:22 EST 2017 

http://www.i24news.tv/en/news/international/europe/136501-
170131-hackers-target-czech-foreign-ministry-s-email-system

The Czech foreign minister said Tuesday his office had fallen prey to
hackers who worked their way into the email accounts of dozens of employees
including himself.

"Since early January we have known one of the attacks was partly successful
as the hackers managed to penetrate the email system of the ministry,"
Lubomir Zaoralek told reporters.

He added however that no classified information was compromised as hackers
failed to get into the ministry's inner system.

"The data leak was considerable. The attack was very sophisticated,"
Zaoralek said.

"It must have been carried out from the outside, by another country. The
way it was done bears a very strong resemblance to the attacks on the US
Democratic Party's internet system," said the foreign minister, citing
experts.

In July 2016, the Democratic National Committee faced a leak of e-mails
that Hillary Clinton's campaign blamed on Russia.

In early January, US intelligence said Russian President Vladimir Putin had
ordered a campaign of hacking and media manipulation aimed at undermining
Clinton's presidential campaign and boosting Donald Trump.

Last October, Czech police arrested a Russian hacker in Prague in
cooperation with the FBI and accused him of staging cyber attacks on the
United States.

The hacker is in custody in the Czech Republic pending extradition to the
United States or Russia as both countries have asked Prague to hand over
the suspect.

In neighboring Poland, the Rzeczpospolita daily reported Monday that a
group of Russian hackers called APT28 had tried to attack local foreign
ministry servers in December through emails pretending to be sent by the
NATO secretary general.

This group, also known as Pawn Storm, Sofacy and Fancy Bears, is believed
to be behind other high-profile cyber attacks and to be linked to Russia's
security services.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170131/60a230e1/attachment.html>

More information about the BreachExchange mailing list