The Czech government has condemned China for executing a cyberattack against its foreign ministry, which resulted in the exposure of thousands of unclassified emails. The attack was attributed to the Chinese state-sponsored group Advanced Persistent Threat 31 (APT31), which has targeted the foreign ministry since 2022, coinciding with the year Czechia held the rotating EU presidency.
Czech Foreign Minister Jan Lipavský announced that he would summon the Chinese ambassador to explain the findings, warning that such actions would damage bilateral relations. “With today’s move, we have exposed China, which has long been working to undermine our resilience and democracy,” Lipavský stated. He emphasized the necessity for Czechia to defend itself against cyberattacks, information manipulation, and propaganda.
This incident marks the first time the Czech government has officially attributed a national cyberattack to a state-backed actor. An investigation led by the Security Information Service, Military Intelligence, Office for Foreign Relations and Information, and the National Cyber and Information Security Agency (NUKIB) provided a high degree of certainty regarding the perpetrators of the attack.
APT31 is reportedly operated by China’s ministry of state security from Wuhan. The group has a history of high-profile attacks, including the targeting of personal emails of staff working for U.S. presidential candidate Joe Biden in 2020. In 2024, the U.K. and U.S. imposed sanctions on individuals associated with APT31.
The cyberattack has sparked outrage in Brussels, with EU leaders expressing their solidarity with Czechia. Kaja Kallas, the EU’s top diplomat, stated, “The European Union and its Member States, together with international partners, stand in solidarity with Czechia regarding the malicious cyber campaign that targeted its Ministry of Foreign Affairs.” She called on all states, including China, to respect international law and adhere to UN norms concerning critical infrastructure.
NATO also issued a statement reaffirming its commitment to countering cyber threats that aim to destabilize the Alliance. The military alliance emphasized the importance of enhancing capabilities and resilience to tackle the increasing cyber threats facing democratic systems and critical infrastructure.
