Communication security

Cyber spies accessed thousands of European Union diplomatic cables

A group of hackers, allegedly working for the Chinese military, accessed thousands of classified diplomatic cables from the European Union during a protracted cyber-espionage operation, a report has revealed. Over 100 organizations are believed to have been targeted in the multi-year cyber-espionage campaign, including the United Nations, international labor groups, as well as government ministries from dozens of countries. The operation was revealed on Tuesday by Area 1, a cyber-security company founded by former officials of the United States National Security Agency, and reported by The New York Times.

The compromised cables come primarily from the European Union’s COREU communication network, a Telex-based network that uses teleprinters to exchange text-based messages. The European Union uses the COREU network to transmit information that is classified “limited” or “restricted” between officials representing the executive governments of the European Union’s member states, members of the European Commission, foreign-ministry officials, and other approved parties. Top-secret information (“tres secret” in European Union parlance) is typically not shared on the COREU network. Consequently, the hacked cables contain mostly low-level information. That does not mean, however, that their access by at least one adversary power does not represent a serious security breach. Area 1 said that its forensic examination of the method used by the hackers reveals a set of cyber-espionage techniques that are closely associated with the Chinese People’s Liberation Army (PLA). These clues, in association with the PLA’s long history of attacking Western diplomatic targets, point to Beijing as a very likely culprit behind the attacks, according to Area 1.