Menu
Browse

Cyber Incident Victim: Czech Republic

Date:

Dec 2018

Location:

Czechia

Summary

Czech authorities dismantled a Russian cyber-espionage network linked to Russia's FSB intelligence agency, which operated through Russian nationals holding local citizenship and received funding via Moscow's Prague embassy. The operation involved multiple national security agencies, including the BIS intelligence service, the cyber security authority NUKIB, and the police organized crime unit NCOZ. Russian officials denied involvement, with the embassy rejecting claims of supporting espionage activities. The incident was disclosed during a parliamentary briefing on national security threats, alongside concerns about Chinese state-sponsored hacking and terrorism risks. BIS has actively countered cyber-espionage operations targeting both domestic and international entities.

CIA Posture Motives Tactics, Techniques & Procedures
Available to members 1 motive 1 technique
Threat Actors Type Location
2 actors Available to members Available to members

Description

Czech authorities dismantled an alleged Russian cyber-espionage network operating within the country by the end of 2018. The network was established by Russian nationals holding Czech citizenship and operated with direct support from Russia's Federal Security Service (FSB), receiving financial backing through the Russian embassy in Prague. Czech intelligence service BIS (Security Information Service), alongside the National Cyber and Information Security Agency (NUKIB) and the Police's National Organised Crime Centre (NCOZ), coordinated the operation to neutralize the espionage activities. Initial reports about the network's dismantling emerged in March 2019 through Czech news outlet Respekt, though official confirmation from Czech authorities came later. The espionage operation formed part of broader national security concerns that included threats from Chinese state-sponsored hackers and Islamic terrorist groups, as outlined in BIS threat assessments.

Cyber Incident Image

BIS director Michal Koudelka formally disclosed details of the operation during an October 21, 2019, address to the Czech Parliament's lower house, emphasizing the persistent threat of foreign cyber-espionage. The Russian embassy in Prague categorically denied involvement, issuing a statement through TASS news agency refuting claims of embassy funding or coordination with intelligence networks. BIS scheduled an October 24, 2019, press conference to provide additional operational specifics about the FSB-linked network takedown. Concurrently, BIS collaborated with antivirus firm Avast to investigate a separate breach attributed to Chinese hackers, disclosed in the same week as Koudelka's parliamentary briefing. The incident underscored BIS's operational focus on countering cyber-espionage, exemplified by its 2018 disruption of Hezbollah-linked servers distributing mobile malware globally. No technical specifics regarding the Russian network's targets, intrusion methods, or compromised systems were disclosed publicly.

Sources
Sources available to members
1 source