The European Union’s network used for diplomatic communications, COREU, was infiltrated “for years” by hackers, the New York Times reported on Tuesday, with the unknown rogues behind the attack reportedly reposting the stolen communiqués to an “open internet site.”
The network in question connects EU leadership with other EU organizations, as well as the foreign ministries of member states. According to the Times, the attack was first discovered by security firm Area 1, which provided a bit more than 1,100 of the cables to the paper for examination. Some of the documents show unease over Donald Trump’s presidency and his relationship with the Russian government, while others contain tidbits such as Chinese President Xi Jinping’s feelings about the U.S.’s brimming trade war with his country and rumors about nuclear weapons deployment on the Crimean peninsula:
In one cable, European diplomats described a meeting between President Trump and President Vladimir V. Putin of Russia in Helsinki, Finland, as “successful (at least for Putin).”
Another cable, written after a July 16 meeting, relayed a detailed report and analysis of a discussion between European officials and President Xi Jinping of China, who was quoted comparing Mr. Trump’s “bullying” of Beijing to a “no-rules freestyle boxing match” ... The cables include extensive reports by European diplomats of Russia’s moves to undermine Ukraine, including a warning on Feb. 8 that Crimea, which Moscow annexed four years ago, had been turned into a “hot zone where nuclear warheads might have already been deployed.”
Hackers were able to breach COREU after a phishing campaign aimed at officials in Cyprus gave them access to passwords that compromised the whole network, Area 1 chief executive Oren Falkowitz told the Times. An anonymous official at the U.S.’s National Security Agency added that the agency had warned the EU had received numerous warnings that the aging system could easily be infiltrated by malicious parties.
In a cable describing a meeting between Xi and European diplomats, the Times wrote, Xi is paraphrased as saying he “would not submit to bullying ... even if a trade war hurt everybody.” The European official wrote that Xi added, “China was not a backward country anymore.”
Another cable, this time from the deputy head of the EU mission in Washington, Caroline Vicini, referred to “messaging efforts” to try to stave off continued Trump assaults on the close ties between the U.S. and the EU on multiple fronts. It also proposed that European diplomats try to forge relationships with members of Congress, rather than rely solely on the possibility Trump could be placated:
[Vicini] recommended that diplomats from the 28 member nations describe the United States as “our most important partner” even as it stood up to Mr. Trump “in areas where we disagreed with the U.S. (e.g., on climate, trade, Iran nuclear deal).”
The cable also recommended working around Mr. Trump by dealing directly with Congress, and urged European diplomats in Washington to emphasize member state interest when pushing on a host of issues, including trade, renewable energy and Brexit.
Other cables related to European efforts to protect the 2015 agreement between the United Nation Security Council, the EU, and Iran intended to curb the latter’s nuclear program:
Among the cables were requests for authorization to finance exports to Iran, as well as details of efforts throughout 2018 to continue economic arrangements that might entice Tehran to comply with the terms of the 2015 nuclear agreement’s terms, even after Mr. Trump abandoned it.
The Times report also makes mention of additional penetrations of “networks of the United Nations, the A.F.L.-C.I.O., and ministries of foreign affairs and finance worldwide.” It’s unclear from the Times report what was stolen from those organizations, other than communiqués referring to meetings between the secretary-general of the United Nations and deputies placed throughout Asian nations during the height of nuclear tensions with North Korea.
Fortunately for the EU, the Times wrote, the stolen information is primarily “low-level classified documents that were labeled limited and restricted,” while more sensitive communiqués were sent via a separate system (EC3IS) that European officials said is being upgraded and replaced. Additionally, although the documents were uploaded to an “open internet site,” the hackers apparently made no effort to publicize them, the paper added.
Area 1 told the Times that they believed the hack had unmistakable resemblances to other attacks believed to be conducted by an elite cyber unit of China’s People’s Liberation Army, the Strategic Support Force. The Times reported that, unsurprisingly, the Chinese Embassy in Washington did not return their calls on the matter.