The Delegation of the European Union to Russia, commonly known as the EU's Moscow Delegation, has confirmed that systems attached to its unclassified network in Russia were compromised by external actors after a report claimed that the hacking took place back in 2017.
Last week, BuzzFeed News cited a leaked internal document to state that at least two computer systems owned by the EU's Moscow Delegation were hacked into in February 2017 but the cyber attack was discovered in April this year by the European External Action Service (EEAS) who chose not to make the discovery public.
EEAS confirmed that the cyber security incident did take place, that information was stolen from the affected systems, and that measures have been taken to mitigate the breach. However, according to BuzzFeed News, European officials are still determining how much and what kind of information were taken from the affected systems. A source told the news agency that Russian entities are believed to be behind the attack.
EU leaders were not informed about the Moscow Delegation hack
"We have observed potential signs of compromised systems connected to our unclassified network in our Moscow Delegation. Measures have been taken and the investigation is in progress — at this stage we cannot comment further," said an official from the EU's Moscow Delegation.
The spokesperson added that EU countries were informed about the cyber espionage incident via established channels and that the European External Action Service's hierarchy was also informed.
However, BuzzFeed learned from a source that EEAS did not share information about the cyber incident with senior EU officials including Jean-Claude Juncker, the president of the European Commission, Donald Tusk, the European Council president, and other EU leaders.
In March this year, the European Union adopted a new EU Law Enforcement Emergency Response protocol to allow Europol's European Cybercrime Centre (EC3) to coordinate with EU law enforcement authorities in responding to major cross-border cyber-attacks in the days prior to parliamentary elections.
The adoption of the new protocol took place within days after members of the European Parliament adopted a resolution condemning the use of disinformation campaigns and cyber attacks by Russia, China, Iran and North Korea that sought to undermine the foundations and principles of European democracies as well as the sovereignty of all Eastern Partnership countries.
According to Europol, the new protocol is part of the EU Blueprint for Coordinated Response to Large-Scale Cross-Border Cybersecurity Incidents and Crises and will help EC3 to support EU law enforcement authorities in providing immediate response to major cross-border cyber-attacks through rapid assessment, the secure and timely sharing of critical information and effective coordination of the international aspects of their investigations.