BRUSSELS — The European Union’s embassy in Moscow was hacked and had information stolen from its network, according to a leaked internal document seen by BuzzFeed News.
An ongoing “sophisticated cyber espionage event” was discovered in April, just weeks before the European Parliament elections — but the European External Action Service (EEAS), the EU’s foreign and security policy agency, did not disclose the incident publicly.
Russian entities are believed to be behind the hack, a source, speaking on condition of anonymity, told BuzzFeed News.
The EEAS confirmed an incident had taken place and, asked whether the EU’s foreign policy chief Federica Mogherini knew about the incident, said that EEAS hierarchy had been informed.
“We have observed potential signs of compromised systems connected to our unclassified network in our Moscow Delegation. Measures have been taken and the investigation is in progress — at this stage we cannot comment further,” a spokesperson said.
According to the leaked document, the initial attack took place in February 2017, but it was only detected in April this year. An analysis of the hack found activity affecting at least two computers and concluded that information had been stolen.
However, officials have no idea how much and exactly what kind of information was taken during the attack.
The analysis determined that the cyber espionage hack was an advanced persistent threat (APT) — a continuous, clandestine, and sophisticated hacking technique used to gain access to a system and remain undetected for a prolonged period of time.