NATO and the European Union, with international partners, formally condemned a long-term cyber espionage campaign against European countries conducted by the Russian threat group APT28.
Germany said on Friday that the Russian threat group was behind an attack against the Executive Committee of the Social Democratic Party, compromising many email accounts using a Microsoft Outlook zero-day bug.
"What is more, this actor's campaign also targeted various government authorities and companies in the spheres of logistics, armaments, the air and space industry, and IT services, as well as foundations and associations," the German Federal Government said.
"It was directed at entities in Germany, other European countries and targets in Ukraine. APT28 is also responsible for the cyber attack that was perpetrated on the German."
The Czech Ministry of Foreign Affairs also revealed today that, based on information from intelligence services, some Czech institutions were targeted in the Outlook campaign in 2023.
"Czechia is deeply concerned by these repeated cyber attacks by state actors. We are determined to respond strongly to this unacceptable behaviour together with our European and international partners," the Czech MFA said.
The Council of the European Union and NATO, joined by the United Kingdom, also formally condemned APT28's attacks on Germany and Czechia, adding that the Russian threat group has also attacked critical infrastructure and government agencies in other EU member states, including Lithuania, Poland, Slovakia, and Sweden.
Threat to Allied security
The North Atlantic Council also warned on Thursday about "recent Russian hybrid activities," describing them as a "threat to Allied security."
According to NATO, these recent incidents include "sabotage, acts of violence, cyber and electronic interference, disinformation campaigns, and other hybrid operations" impacting Czechia, Estonia, Germany, Latvia, Lithuania, Poland, and the United Kingdom.
APT28 hackers, part of Military Unit 26165 of Russia's Main Intelligence Directorate of the General Staff (GRU), have been previously linked to many high-profile cyber attacks since the state-backed hacking group surfaced in the mid-2000s.
For instance, they were behind the 2015 breach of the German Federal Parliament (Deutscher Bundestag) and hacks of the Democratic Congressional Campaign Committee (DCCC) and the Democratic National Committee (DNC) right before the 2016 U.S. Presidential Election.
The United States charged multiple APT28 members for their involvement in the DNC and DCCC attacks in July 2018, while the Council of the European Union also sanctioned APT28 members in October 2020 for the Bundestag hack.
