Russia-Linked APT28 Targets Czechia and Germany in Long-Term Cyber Espionage Campaign: Outlook Flaw Exploited

Czechia and Germany are reeling from a long-term cyber espionage campaign orchestrated by the Russia-linked nation-state actor known as APT28, with the European Union, NATO, the U.K., and the U.S. all expressing grave concerns.

The Czech Republic’s Ministry of Foreign Affairs has disclosed that entities within the country fell victim to cyber attacks exploiting a security flaw in Microsoft Outlook, identified as CVE-2023-23397. Meanwhile, Germany’s Federal Government has pointed fingers at the same threat actor for targeting the Executive Committee of the Social Democratic Party using the same Outlook vulnerability to compromise numerous email accounts.

These attacks have not only targeted political entities and state institutions but also critical infrastructure, disrupting democratic processes and national security. APT28, also known as Fancy Bear and multiple other aliases, has a history of engaging in malicious activities.

The U.K. government has condemned the recent cyber activities by APT28, pointing out its role in undermining democratic processes globally. The U.S. Department of State has reaffirmed its commitment to security and upholding international order in cyberspace.

The coordinated efforts to disrupt the botnet used by APT28 highlight the ongoing challenges in combating state-sponsored threat actors. With elections approaching in various regions, the threat of cyber interference remains a significant concern, prompting governments to take proactive measures to secure critical infrastructure from potential attacks.