The European Union’s network used for diplomatic communications, COREU, was infiltrated “for years” by hackers, the New York Times reported on Tuesday, with the unknown rogues behind the attack reportedly reposting the stolen communiqués to an “open internet site.”
The network in question connects EU leadership with other EU organizations, as well as the foreign ministries of member states. According to the Times, the attack was first discovered by security firm Area 1, which provided a bit more than 1,100 of the cables to the paper for examination. Some of the documents show unease over Donald Trump’s presidency and his relationship with the Russian government, while others contain tidbits such as Chinese President Xi Jinping’s feelings about the U.S.’s brimming trade war with his country and rumors about nuclear weapons deployment on the Crimean peninsula:
In one cable, European diplomats described a meeting between President Trump and President Vladimir V. Putin of Russia in Helsinki, Finland, as “successful (at least for Putin).”
Another cable, written after a July 16 meeting, relayed a detailed report and analysis of a discussion between European officials and President Xi Jinping of China, who was quoted comparing Mr. Trump’s “bullying” of Beijing to a “no-rules freestyle boxing match” … The cables include extensive reports by European diplomats of Russia’s moves to undermine Ukraine, including a warning on Feb. 8 that Crimea, which Moscow annexed four years ago, had been turned into a “hot zone where nuclear warheads might have already been deployed.”
Hackers were able to breach COREU after a phishing campaign aimed at officials in Cyprus gave them access to passwords that compromised the whole network, Area 1 chief executive Oren Falkowitz told the Times. An anonymous official at the U.S.’s National Security Agency added that the EU had received numerous warnings that the aging system could easily be infiltrated by malicious parties.
Fortunately for the EU, the Times wrote, the stolen information is primarily “low-level classified documents that were labeled limited and restricted,” while more sensitive communiqués were sent via a separate system (EC3IS) that European officials said is being upgraded and replaced. Additionally, although the documents were uploaded to an “open internet site,” the hackers apparently made no effort to publicize them, the paper added.