Slovak authorities arrested four suspects on Tuesday as part of an investigation into a series of suspicious devices found connected to the government's official IT network.
According to local news site Aktuality, the equipment is believed to have been used for wiretapping purposes and would have allowed threat actors to intercept both internet and telephony operations.
The devices, believed to be some type of servers, were connected to GOVNET, a network that interconnects different Slovak government agencies.
Officers from the National Criminal Agency (NAKA), a division of the Slovak police, intervened on Tuesday to seize any suspicious equipment. According to Slovak news site Denník N, some of the devices were seized from the networks of law enforcement and judiciary agencies.
NAKA officers also arrested four suspects for questioning, including two high-ranking officials inside the National Network and Electronic Services Agency (NASES), the Slovak government agency responsible for managing GOVNET and all adjacent physical equipment.
The third was a staff member of the Deputy Prime Minister's office, while the fourth was a member of the private sector.
NAKA is now investigating the devices and their capabilities.
NASES officials are being investigated for the role they played in installing the equipment, although it is not yet clear whether they are suspects with direct involvement or just victims of a supply chain issue.
The possibility of a foreign intelligence service's involvement is also being taken into consideration.
However, citing a former government minister and the current head of the Slovak Information Service, local news site Noviny reported today that the wiretapping devices could be mundane security systems, installed following past security audits and meant to protect against cyber-attacks, which would also justify the presence of traffic logging features.