SecurityWeek

Czech Government Condemns Chinese Hack on Critical Infrastructure

The Czech government issues a blunt warning to China after APT31 hackers linked to intrusion at critical infrastructure network.

The Czech government delivered a pointed warning to China on Wednesday, publicly attributing a years-long intrusion in the foreign ministry’s networks to APT31, a cyber-espionage hacking unit linked to Beijing’s Ministry of State Security. 

In a blunt statement, the Czech government said the hackers broke into one of the ministry’s unclassified systems as early as 2022 and lingered undetected inside critical-infrastructure networks, prompting what officials called a “high-degree of certainty” attribution after a joint probe by the country’s civilian and military intelligence services.

“The Government of the Czech Republic strongly condemns this malicious cyber campaign against its critical infrastructure,” the statement read. “Such behavior undermines the credibility of the People’s Republic of China and contradicts its public declarations.”

The Prague statement described the Chinese hacking as “contrary to the norms of responsible State behaviour in cyberspace as endorsed by all UN Members.”

“We call on the People’s Republic of China to adhere to these norms and principles, to refrain from such attacks and to take all appropriate measures to address this situation,” the Czech government added.

The statement did not include any technical details on the intrusions or what was stolen, but public reports say the affected systems have since been rebuilt and isolated.

The European Union issued a separate statement condemning the APT31 activity and warned that Chinese hackers have ramped up attacks against member states.

“We strongly condemn malicious cyber activities,” the EU said. “We call upon all states, including China, to refrain from such behaviour, to respect international law and to adhere to the UN norms and principles, including those related to critical infrastructure.”

The EU also noted that states should not allow their territory to be used for malicious cyber activities.

APT31, also known as Zirconium or Judgment Panda, has been operational for more than a decade, stealing diplomatic cables, industrial designs, and political strategy documents from Europe, North America, and Asia. 

Last year the United States and United Kingdom unsealed criminal charges and sanctions against members of the group for what prosecutors described as a broad effort to “facilitate the MSS’s political-and economic-intelligence objectives.”

The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has slapped sanctions on hackers linked to APT31 and Wuhan, a China-based technology company serving as a front for multiple malicious cyber operations.

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.
