Unlock the Editor’s Digest for free
Roula Khalaf, Editor of the FT, selects her favourite stories in this weekly newsletter.
Prague said on Wednesday that state-sponsored Chinese hackers had targeted its foreign ministry’s unclassified communications network, the latest in a series of cyber attacks that have been blamed on Beijing.
The Czech government said the ministry had since 2022 been subject to a “malicious cyber campaign” by a group known as APT31, which the Czech authorities said was linked to the Chinese Ministry of State Security.
“China is interfering in our society — through manipulation, propaganda, and cyber attacks,” Czech foreign minister Jan Lipavský said on X, adding that he had summoned China’s ambassador to discuss the attack.
Prague did not specify the impact of the attack, but said a new communications system had been put in place. Nato said the attack caused “damage and disruption”.
Last year US and UK authorities said Wuhan-based APT31 had been responsible for attacks on Capitol Hill in Washington and on the Electoral Commission, the British polling regulator, as well as several British MPs.
Western governments have previously linked APT31, nicknamed Judgment Panda by researchers, to China’s Ministry of State Security and said it engages in large-scale espionage campaigns, along with disinformation.
APT40, another Chinese hacking group reportedly based in China’s southern Hainan province, has also been accused of infiltrating government agencies, companies and universities in the US, Canada, Europe and the Middle East, under orders from Beijing.
Prague has become an outspoken defender of Taiwan, which China considers to be part of its territory. On his first day in office in 2023, Czech President Petr Pavel became the first elected European head of state to speak to Taiwan’s then-president Tsai Ing-wen.
Nato and the EU on Wednesday condemned the Chinese attack, noting that several European countries had suffered similar incidents since 2021.
Kaja Kallas, the EU’s high representative for foreign and security policy, said the attack on Prague was “a clear and unacceptable violation of international norms”.
She said Brussels had repeatedly brought up concerns about cyber attacks in bilateral meetings with Beijing in recent years, “and we will continue to do so in the future”.
Nato secretary-general Mark Rutte said Nato allies stood “in solidarity with the Czech Republic today, following a malicious cyber campaign attributed to the People’s Republic of China. Nato observes with concern the growing pattern of malicious cyber activities stemming from China.”
China’s embassy in Prague did not immediately respond to a request for comment. Beijing has denied wrongdoing following similar accusations in the past.
Lukáš Kintr, director of the Czech cyber and information security agency, said: “The serious, malicious activity we faced in this case reflects a repeated pattern of behaviour by the Chinese group APT31, which had previously targeted our allies.
“That is why we shared relevant information about the incident with our partners in the EU and Nato, but also with key partners in the Indo-Pacific.”