Czechs accuse Moscow of ‘most serious wave of cyberespionage’ in years

Czech Security Information ServiceThe main domestic intelligence agency of the Czech Republic has accused Russia of “the most serious wave of cyberespionage” to target the country in recent years. The claim was made on Monday in Prague by the Security Information Service (BIS), the primary domestic national intelligence agency of the Czech Republic. Details of the alleged cyberespionage plot are included in the BIS’ annual report, a declassified version of which was released this week.

According to the document, the cyberespionage attacks were carried out by a hacker group known as APT28 or Fancy Bear, which is believed to operate under the command of Russian intelligence. The hacker group allegedly targeted the Czech Ministry of Defense, the Ministry of Foreign Affairs and the headquarters of the country’s Armed Forces. As a result, the electronic communication system of the Ministry of Foreign Affairs was compromised “at least since early 2016”, said the report (.pdf). More than 150 electronic mailboxes of ministry employees —including diplomats— were accessed, and a significant number of emails and attachments were copied by the hackers. The compromise was terminated a year later, when BIS security personnel detected the penetration. The BIS report goes on to say that a separate cyberespionage attack was carried out by a Russian-sponsored hacker group in December of 2016. An investigation into the attacks concluded that the hackers were not able to steal classified information, says the report. It adds, however, that they were able to access personal information about Czech government employees, which “may be used to launch subsequent attacks [or to] facilitate further illegitimate activities” by the hackers.

The BIS report concludes that the hacker campaign was part of “the most serious wave of cyberespionage” to target the Czech Republic in recent years. Its perpetrators appear to have targeted individuals in “virtually all the important institutions of the state” and will probably continue to do so in future attacks, it says. Moreover, other European countries probably faced similar cyberespionage breaches during the same period, though some of them may not be aware of it, according to the BIS. Czech Prime Minister Andrej Babis told parliament on Tuesday that his cabinet will discuss the BIS report findings and recommendations early in the new year.

Author: Joseph Fitsanakis | Date: 05 December 2018 | Permalink

Advertisements

Czech spy agency says it neutralized Hezbollah cyberespionage network

Czech Security Information ServiceOfficials in the Czech Republic have announced that the country’s spy agency headed an operation in several countries, aimed at neutralizing a cyberespionage network operated by the Lebanese militant group Hezbollah. Early last week, the Security Information Service (BIS), the primary domestic national intelligence agency of the Czech Republic, issued a short statement saying that it “played a big part in helping to identify and disconnect Hezbollah servers in the Czech Republic, other EU member states and the US”. But it did not elaborate. On Tuesday, however, ZDNet’s Zero Day security blog published more information from the Czechs about the BIS operation.

According to the BIS, its cyber security force discovered a number of servers located on Czech soil, which were “almost certainly” used by Hezbollah, the Shiite militant group that controls large swathes of territory in Lebanon. The servers were allegedly used in a wide-range cyberespionage operation that began in 2017 by a group of Hezbollah hackers based in Lebanon. It was there, said the BIS, where the command-and-control facilities of the operation were located. The servers located on Czech soil were used to download phone apps that contained malicious software. The hackers targeted individual phone users located mainly in the Middle East, according to the BIS, but other targets were in eastern and central Europe. It is believed that the majority of targets were Israeli citizens. Invariably, targeted individuals were approached online, mostly through fake Facebook profiles. Most of the targets were men, and the fake Facebook profiles featured pictures of attractive young women. After initial messages were exchanged via Facebook, the targets were convinced to download phone applications that would allow them to continue communicating with the ‘women’. These applications would install spyware on their phones, thus allowing Hezbollah hackers to capture the content of messages and calls made on the phones. The latter could also be used as eavesdropping devices.

According to BIS Director Michal Koudelka, the spy agency “played a significant role in identifying and uncovering the hackers’ system. We identified the victims and traced the attack to its source facilities. Hacker servers have been shut down”, he said. Koudelka added that some of the servers used by Hezbollah were located in other European Union countries and in the United States. These were shut down following a joint cyber operation by BIS and “partners”, said Koudelka, though he did not identify them.

Author: Joseph Fitsanakis | Date: 17 October 2018 | Permalink

Czech spy service accuses Russia of waging ‘information war’

Czech Security Information ServiceThe intelligence agency of the Czech Republic has accused Russian spy services of waging a “war of information” aimed at destabilizing the eastern European country. The agency has also warned that Russia continues to maintain a large intelligence presence in the Czech Republic, 25 years after the country, which was formerly known as Czechoslovakia, exited the Soviet sphere of influence and joined the European Union (EU) and the North Atlantic Treaty Organization (NATO).

These claims are included in the annual report of the Security Information Service of the Czech Republic, known as BIS. The report, which was published on Thursday, singles out Russia and China for allegedly operating the two most active intelligence apparatuses in the Czech Republic today. It also claims that Russia’s embassy in Prague, which exceeds in size that of any other country in the Czech capital, serves as a base for dozens of spies. The latter are among the 140 diplomatic personnel stationed at the Russian embassy, operating under diplomatic cover, according to BIS.

In addition to collecting intelligence and recruiting spies, Russia’s undercover efforts in the Czech Republic focus on “creating or promoting inter-societal and inter-political tensions” in the country, said the report. That is allegedly one in many ways, including covert support for domestic extremist and populist organizations –both rightwing and leftwing, according to BIS. There are also organizations in the country, described by the Czech intelligence agency as parts of a network of “puppet” groups, which tend to hold consistently pro-Russian stances on domestic and international issues. They are also highly critical of NATO and the EU, and promote the view that, like Britain, the Czech Republic should seek to exit the EU.

The report suggests that the main focus of the current phase of the alleged “information war” is to advertise the Russian viewpoint on the civil wars in Ukraine and Syria. However, “the infrastructure created for achieving these goals will not disappear with the end of the two conflicts” and “can be used to destabilize or manipulate Czech society […] at any time, if Russia wishes to do so”, the report states.

Author: Joseph Fitsanakis | Date: 02 September 2016 | Permalink

Czechs say number of Russian spies in Prague “extremely high”

PragueBy JOSEPH FITSANAKIS | intelNews.org
The number of active Russian intelligence operatives in the Czech Republic increased notably in the past year, according to an official report by the country’s counterintelligence service. In its annual report released on Monday, the Czech Security Information Service (BIS) said the number of Russian intelligence personnel stationed in the central European country had risen dramatically since the start of the crisis in Ukraine. The crisis, which brought Russian troops in Ukraine and resulted in the annexation of Crimea by Russia, has prompted the most serious crisis in the West’s relations with Russia since the end of the Cold War. The BIS report did not reveal the precise number of alleged Russian intelligence personnel on Czech soil, but it noted that the majority of them posed as diplomats in Russia’s embassy in Czech capital Prague. It stated that “when it comes to Russia’s diplomatic mission, in 2013 the number of intelligence officers working undercover as diplomats was extremely high”. It added that significant numbers of Russian intelligence operatives were in the Czech Republic in a non-official-cover (NOC) capacity, meaning there were not officially connected with the Russian embassy there and had no diplomatic immunity. These officers “travel to the Czech Republic as individuals, posing as tourists, experts, academics and entrepreneurs”, said the report, “or settled down in the country through purchasing property”. Nearly 50,000 Russian citizens live in the Czech Republic as long-term legal residents. Relations between Moscow and Prague have been frosty in the post-communist era, and have deteriorated significantly following the Czech Republic’s entry into the North Atlantic Treaty Organization (NATO). In the summer of 2010, three Czech generals, including the head of the president’s military office and the country’s representative to NATO, resigned following revelations that one of their senior staffers had a romantic relationship with a Russian spy. Read more of this post

News you may have missed #784

Aimal FaiziBy IAN ALLEN | intelNews.org |
►►US agencies still not sharing intelligence. Nearly half of US federal agencies are not sharing documented incidents of potential terrorist activity with US intelligence centers, according to officials in the Office of the Director of National Intelligence. Federal and police officials are supposed to deposit reports of suspicious behavior through a system known as the Nationwide Suspicious Activity Reporting Initiative (NSARI). It is a virtualized inventory of tips that can be reached by federal, state or local government authorities. But progress in connecting local agencies to fusion centers through the NSARI appears to be slow-going. Almost exactly a year ago, a similar report by the US Congressional Research Service found that US intelligence agencies were still struggling to strengthen their information-sharing networks.
►►Russian spies ‘top priority’ for Czech intelligence. A new report by the Czech Security Information Service (BIS) says that Russian intelligence services are the most active foreign espionage organizations in the Czech Republic. The report, published last Wednesday, states that Russian spies work under different covers, mainly at Russian diplomatic missions, and in numbers that are utterly unjustified, given the current status of Czech-Russian relations. “Russian intelligence officers were spotted at different public and corporate events, where they tried to resume old contacts and meet new people”, the report said. It is worth noting that the BIS report devoted nine paragraphs to Russian espionage and only one to Chinese. Chinese intelligence officers “do not pose an immediate risk to Czech citizens”, the report said.
►►Afghanistan blames ‘foreign spies’ for insider attacks. Some of Afghan President Hamid Karzai’s top advisers said this week that the recent rise in insider attacks on NATO troops is the product of foreign spy agencies infiltrating Afghanistan’s security forces. They said that Afghanistan’s National Security Council has concluded that both Pakistani and Iranian intelligence organizations are recruiting young Afghans to enlist in the army and police with the intention of targeting Western service members. The officials suggested that the ultimate aim of the alleged efforts by foreign agencies is to destabilize Afghanistan’s forces. One of the Afghan government’s spokesmen, Aymal Faizi (pictured), said that the allegations from Kabul rested on classified evidence from “documents, telephone calls, pictures and audio that show direct contact between these individuals and foreign spy agencies”.

News you may have missed #738

Gareth WilliamsBy IAN ALLEN | intelNews.org |
►►Pathologist says MI6 spy may have died alone. Leading British pathologist Richard Shepherd has told the BBC there is “credible evidence” that MI6 officer Gareth Williams died alone. Williams, a mathematician in the employment of Britain’s signals intelligence agency, GCHQ, was found dead in a padlocked sports bag at his home in Pimlico, London, in 2010. According to Dr. Shepherd, bags identical to the one Williams was found in, can be locked by someone inside the bag.
►►Turkey may indict Israeli officers Over Gaza flotilla raid. A prosecutor in Turkey has prepared indictments and recommended life sentences for four senior Israeli officers over the killing of nine activists aboard a Gaza-bound aid flotilla forcibly intercepted in international waters by Israeli commandos two years ago. The indictments, which have not been formally approved by the Turkish judiciary, could further strain relations between Turkey and Israel, which were once close but which deteriorated badly after the flotilla raid on May 31, 2010.
►►Czech secret services alarmed by drastic drop in funding. The BIS, Czech Republic’s counterintelligence service, is used to operating on Kč 1.149 billion (around US$60 million). According to the Finance Ministry’s plan, the agency’s budget will be reduced to Kč 911 million (US$45 million) in 2013. The news has prompted former interior minister and current member of parliament František Bublan to accuse the government of effectively leading to the spy service’s “liquidation”. But Finance Minister Miroslav Kalousek argues that all state institutions must cut back in order to help achieve a balanced budget by 2016.

News you may have missed #549

Lo Hsien-che

Lo Hsien-che

►►Taiwan general who spied for China gets life. A court in Taiwan has sentenced Lo Hsien-che to life imprisonment, for spying for the People’s Republic of China. As intelNews reported before, Major General Lo gave national secrets to his mistress, a “tall, beautiful and chic” Chinese female operative, who held an Australian passport. Taiwanese counterintelligence investigators said this was Taiwan’s most serious espionage scandal in almost fifty years.
►►Did German intelligence protect world’s most wanted Nazi criminal? The German intelligence service, the BND, destroyed the file of the world’s most-wanted Nazi criminal, Alois Brunner, and may have tried to recruit him into its ranks, German newsmagazine Der Spiegel reported over the weekend. The order to destroy Brunner’s file came “at some point between 1994 and 1997”, according to the magazine. Few of those knowledgeable of BND’s history will be surprised. Incidentally, intelligence observers may remember that, in 1961 and 1980, Brunner, who lived in Syria, was injured by postal bombs sent by Mossad agents.
►►Analysis: New Czech spy law will not curtail abuse. Authorities in the Czech Republic have drafted a new law aimed, partly, at limiting the mandates of the country’s domestic Security and Information Service (BIS) and the Office of Foreign Relations and Information (ÚZSI) –the Czech foreign espionage agency. Read more of this post