Czech Republic Invests Over €20 Million to Secure Embassies from Cyber Espionage

The Czech government has approved a major funding boost of over 500 million CZK (approximately €20 million) specifically to upgrade the cybersecurity of its embassies around the globe. This significant investment comes as part of a larger 650 million CZK plan (with the remaining 150 million CZK sourced from the ministry’s budget) aimed at tackling what official reports describe as failing security systems highly vulnerable to cyber espionage.

A government report sounds the alarm, stating that security at some diplomatic missions has been in a “state of disrepair” for a long time, leaving them increasingly unable to withstand sophisticated attacks. The threat has become more acute, particularly with targeted cyberattacks from state-sponsored actors linked to Russia and China on the rise, especially following Russia’s full-scale invasion of Ukraine and the Hamas attacks in Gaza. With important elections on the horizon, the need for robust digital defenses is paramount.

“Diplomacy is a natural target for attacks – from viruses and DDoS to sophisticated campaigns by APT groups,” Ministry of Foreign Affairs (MFA) spokesperson Daniel Drake told Seznam Zprávy, referring to Distributed Denial-of-Service attacks and Advanced Persistent Threats. While declining to detail current security measures, Drake added, “Cyber threats know no borders – the risk exists everywhere. This makes robust communication security all the more important.”

Echoing this, Alžběta Dvořáková, spokesperson for the National Cyber and Information Security Agency (NÚKIB), emphasized that cybersecurity isn’t a static state but a “continuous process.” She also highlighted the critical role of employee training, noting that “the weakest link is often the user themselves.”

Where the Money is Going: A Breakdown

This substantial 650 million CZK investment aims to comprehensively overhaul embassy security. Key areas targeted for funding include:

• Modernizing outdated IT equipment.
• Significantly improving the security of communication channels linking headquarters with embassies abroad.
• Boosting cryptographic protection measures.
• Implementing specialized systems designed for securely processing classified information.

Who’s Attacking and Why? The Threat Landscape

Why are embassies such attractive targets? According to Robert Šuman, head of ESET’s Prague research branch, the primary motive is often long-term cyber espionage aimed at stealing sensitive data. “Attacks can provide access to sensitive information that can be used for political, economic, or military purposes,” Šuman explained. Foreign missions are ideal gateways for acquiring such intelligence. Attacks can also serve broader destabilization goals, such as disrupting visa and passport issuance systems.

Šuman identified key adversaries targeting Czech interests: “Among the attackers… we can find mostly all major actors. Most often, these are attackers linked to Russia – the APT group Sednit (also known as APT28 or Fancy Bear), Sandworm, Asylum Ambuscade, or The Dukes.” He noted a past incident where The Dukes group used a Czech diplomatic mission to launch a phishing attack. “In the case of attacks from Russia, we are observing a growing trend,” Šuman added.

Regarding China, the trend involves Chinese groups targeting victims globally, often focusing on industrial espionage rather than being limited to specific regions.

Czechia in the Crosshairs: A High-Risk Environment

Czech Republic faces a disproportionately high number of cyberattacks compared to global or even European averages. David Řeháček, marketing manager at Check Point Software Technologies, revealed alarming statistics: “In the first quarter [of 2025], the average Czech company faced 2,307 cyberattacks per week, while the European average was ‘only’ 1,640.” He noted a steady increase since the beginning of the year, rising from 2,080 weekly attacks in January to 2,551 in March.

Adding to the pressure are politically motivated “hacktivist” attacks, particularly from the pro-Russian group NoName057(16), attempting to damage the reputation of Czech state institutions. “With important elections this year, we can expect further intensification in both the quantity and diversity of attacks,” Řeháček warned. He also pointed out that cybercriminals are increasingly using AI to develop more sophisticated threats, rendering previously adequate security measures insufficient faster than ever. The government sector, Řeháček confirmed, is the third most frequent target of cyberattacks. The recent hacking of Prime Minister Petr Fiala’s account on the X network serves as a stark reminder of these ongoing threats.

On the Ground: Embassy Experiences and Specialized Support

While acknowledging the global threat, Veronika Kuchyňová Šmigolová, the Czech Ambassador to Israel, stated her embassy hadn’t faced a direct attack but emphasized the critical importance of prevention and regular staff training using standard MFA resources.

To provide specialized support, Czechia stations dedicated Cyber Attachés – liaisons acting as an extension of the NÚKIB director – at key strategic locations, including Israel, Australia (covering the Indo-Pacific), Washington D.C., and Brussels (NATO & EU).

Despite these measures, the government report warns that current defenses are insufficient. It states that Czech embassies are losing resilience and their ability to effectively detect and evaluate attacks. “Without an adequate response to the current situation,” the report cautions, “it is only a matter of time before the ministry is confronted with an event that carries fundamental harm.”

This significant investment reflects the critical need to modernize and secure Czech diplomatic missions against a complex and escalating global cyber threat landscape.

Source: Seznam Zprávy