Foreign Minister Stier claims that no important data was compromised.
During the last six months, the Ministry of Foreign and European Affairs has been a target of hackers and so far two waves of attacks have taken place. Both waves occurred during the term of the previous government. All the attacks were stopped before any serious damage was done, and the hackers failed to compromise the safety of the data, reports Večernji List on December 3, 2016.
Six months ago, the Ministry was attacked by a group called Sofacy, which are the hackers who allegedly were behind the attack on the German Bundestag, while the hackers behind the last, so far the most sophisticated attack, are still unknown. This kind of espionage activities are on the rise in the world, and Croatia, as an EU and NATO member, is a logical target of such attacks.
The last attack did not take place in the last 30 days, but earlier, during the term of former Foreign Minister Miro Kovač, said a source from intelligence services. Therefore, the attack is not connected with the recent visit by Prime Minister Andrej Plenković to Ukraine. Also, for now there is no specific evidence that the attack came from Russia.
The current Foreign Minister Davor Ivo Stier said that no strategically important data was compromised. “The attack did not take place during this government, but during Minister Kovač’s term”, said Stier. Asked whether hackers were able to reach the most sensitive documents, Stier replied that, according to a report he received, “no information of strategic importance was compromised”. The Minister has ordered additional “measures for security protection” of the Ministry’s information system.
Croatian intelligence system, in cooperation with its international partners, has received a notice about the most recent attack. An extremely powerful virus, so far unknown, was found in a computer and stopped in time. The attackers used such sophisticated spyware that it was not recognized by any of the several antivirus programs that the Ministry is using to protect its network. The very high level of sophistication suggests that the attack could not have been launched by a single person or a smaller group of hackers. These are malicious programs whose development requires a large number of IT professionals and the huge amount of money and time.
Also, the sophistication of the spyware was the reason why the Ministry was unable to eliminate it itself and therefore had to use specially developed tools available to security and intelligence agencies.
This was not the first attack on the Ministry of Foreign Affairs. Similar attack took place six months ago, but it was slightly less sophisticated and the security and intelligence system identified and stopped it. It was determined that it was launched by a group called Sofacy. Its targets are mainly military and government agencies around the world and banks. German officials accused it in May for hacking the German Parliament. Sofacy allegedly also attacked the US government, as well as media outlets – BBC, ITV, Channel 4, Sky News, and TV5 Monde.