Introduction
The Czech Republic has formally accused the People’s Republic of China of orchestrating a cyber-espionage campaign against its Ministry of Foreign Affairs, marking a significant diplomatic and cybersecurity incident. This accusation highlights the growing concerns over state-sponsored cyber activities and their implications for international relations and national security.
Description
The Czech Republic has officially accused the People’s Republic of China of conducting a malicious cyber campaign targeting an unclassified communication network within its Ministry of Foreign Affairs. This cyberespionage activity [2] [4], attributed to the APT31 group—also known as Zirconium or Judgment Panda—linked to the Chinese Ministry of State Security, reportedly began in 2022 and has impacted an institution recognized as critical infrastructure [2] [7]. A joint investigation by multiple Czech government agencies, including the Security Information Service (BIS) [2] [3] [4], Military Intelligence (VZ) [1] [3] [4], the Office for Foreign Relations and Information (ÚZSI) [3] [4], and the National Cyber and Information Security Agency (NÚKIB) [2] [3] [4], confirmed responsibility for the attack with a high degree of certainty. While the involvement of APT31 has been established, the full extent of the breach remains unverified [4], and the attack has been described as a significant threat to national security, contradicting China’s public statements [6].
This incident marks the first official attribution of a cyber-attack to a nation-state actor by the Czech Republic [4]. The Czech government condemned the attack [2] [6], asserting that it undermines the credibility of the People’s Republic of China and violates international norms of responsible state behavior in cyberspace, as endorsed by UN members [4]. Czech Foreign Minister Jan Lipavský emphasized the serious implications of such hostile actions on bilateral relations, highlighting the need to defend against China’s interference through cyber-attacks [4], manipulation [7], and propaganda [4]. In response to the incident [2], he summoned the Chinese ambassador [1] [3] [4] [5], Feng Biao [4], to express these concerns and announced the implementation of a new [1], more secure communication system at the Foreign Ministry [1].
The Czech government received solidarity from the EU [4], NATO [1] [2] [4] [5] [6], and its member states in response to this incident, with the North Atlantic Council condemning the malicious cyber activities attributed to China [4]. The Council noted that these actions threaten national security, democratic institutions [4], and critical infrastructure [1] [2] [3] [4] [6] [7], reflecting a concerning pattern of such activities originating from the PRC [4]. Additionally, EU officials [1], including the bloc’s top diplomat, Kaja Kallas [7], condemned the actions as a clear violation of international norms and expressed support for the Czech Republic in addressing these threats. NATO raised concerns about the growing trend of malicious cyber activity from China [6], warning of increased cyberattacks from Chinese hackers against member states [6]. The Czech government has called on all nations [5], including China [2] [3] [5] [6], to refrain from such cyber activities and to take responsibility for preventing the use of their territory for these attacks [5].
Conclusion
The Czech Republic’s formal attribution of the cyber-attack to China underscores the escalating tensions in cyberspace and the challenges of maintaining international cybersecurity norms. The incident has prompted a strong response from international allies, emphasizing the need for collective defense measures and enhanced cybersecurity infrastructure. Moving forward, the Czech Republic and its allies are likely to strengthen their cyber defenses and diplomatic efforts to deter future state-sponsored cyber threats, while urging China and other nations to adhere to responsible cyber conduct.
References
[1] https://brnodaily.com/2025/05/28/news/politics/czech-government-accuses-china-of-malicious-cyber-campaign-against-foreign-ministry/
[2] https://mzv.gov.cz/jnp/en/issuesandpress/pressreleases/statementbythegovernmentofthe_czech.html
[3] https://english.radio.cz/czech-government-blames-china-cyber-campaign-targeting-foreign-ministry-network-8852352
[4] https://www.infosecurity-magazine.com/news/czech-republic-accuses-china/
[5] https://www.devdiscourse.com/article/law-order/3437959-czech-republic-condemns-chinas-malicious-cyber-attack
[6] https://securityaffairs.com/178399/apt/czech-republic-accuses-chinas-apt31-of-a-cyberattack-on-its-foreign-ministrys-unclassified-network.html
[7] https://www.scmp.com/news/china/diplomacy/article/3312165/china-accused-malicious-cyber-campaign-targeting-czech-foreign-ministry
