Czech authorities dismantle alleged Russian cyber-espionage network

Czech officials said Russian operatives used local companies to launch cyber-attacks against foreign targets.
Written by Catalin Cimpanu, Contributor

Czech government officials said on Monday they dismantled a Russian cyber-espionage network operating in the country.

The network was taken down at the end of last year and had been set up by Russian nationals with Czech citizenship, operating with the help of Russia's intelligence agency (the FSB) and with funding from Russia's Prague embassy.

Czech officials said the Russian spies had set up several hardware and software companies and were using their server infrastructure to launch cyber-attacks on the Czech Republic, but also EU and NATO allies.

Czech news outlet Respekt first reported that Czech intelligence services dismantled the FSB-linked spy network back in March this year, but this is the first time that Czech authorities have officially confirmed that the incident took place.

The news was confirmed yesterday when Michal Koudelka, head of the Czech Republic's BIS intelligence service, spoke in the lower house of parliament, presenting a summary of the biggest national security threats the Czech Republic is currently facing, according to local news outlets.

Last year's dismantling of the FSB-linked cyber-espionage network was included in his speech, along with the threat from Chinese hackers, and the ever-present danger from Islamic-based terrorist cells.

BIS is scheduled to hold a press conference on Thursday, October 24, to detail last year's action in more depth.

Russia denies allegations

In a statement to Russian news agency TASS, the Russian embassy in Prague rejected the Czech intelligence service's accusations.

"It is not true," the embassy told TASS. "The embassy has nothing to do with any intelligence network."

This is the third time now that BIS has accused Russia of carrying out cyber-attacks against Czech targets. It previously did so in a 2017 report [PDF] and in a 2019 report presented to the upper house of parliament over the summer.

Besides BIS, the Czech National Cyber and Information Security Agency (NUKIB) and the Cezch Police's National Organised Crime Centre (NCOZ) have also contributed to taking down the alleged Russian spy network last year.

Currently, BIS is also helping antivirus maker Avast investigate a breach of its internal network. BIS said in a press release published yesterday on its site that the attack had been carried out by Chinese hackers.

Across the years, BIS has been one of the most active intelligence agencies across Europe, especially when it came to cracking down on cyber-espionage operations. For example, in 2018, BIS took down servers that have been used by Hezbollah operatives to target and infect users around the globe with mobile malware.

The world's most famous and dangerous APT (state-developed) malware

Editorial standards