Hungarian Foreign Ministry knew about russian cyberattacks that took place two years ago - media
Kyiv • UNN
russian-affiliated hacker groups carried out a large-scale cyberattack on the IT networks of the Hungarian Ministry of Foreign Affairs in 2022, gaining access to sensitive data and posing a serious threat to Hungary's national security. Hungarian intelligence services and diplomats were aware of this, despite initial denials from the ministry.
2 years ago, hacker groups linked to russia carried out a large-scale cyberattack on the IT networks of the Hungarian Ministry of Foreign Affairs, which allowed russian intelligence services to access confidential data, posing a serious threat to Hungary's national security. The ministry denied the attack itself, but now journalists have found evidence of the attack and that they knew about it. This is reported by the Hungarian edition 444, UNN writes.
Details
In March 2022, hackers with ties to russia attacked the IT networks of the Hungarian Ministry of Foreign Affairs, as reported by local media. The Ministry of Foreign Affairs and some members of the ruling party denied the allegations, calling them "election lies." However, new documents have now emerged confirming that russian military and civilian intelligence services have carried out a large-scale cyberattack on the Hungarian Ministry of Foreign Affairs. This poses a serious threat to national security, as valuable data may have been stolen from computer systems.
Journalist Szabolcs Panyi, using information from unofficial sources, revealed the details of an operation by russian special services against Hungarian diplomacy. He described how russian-linked hackers penetrated the computer network and internal communications of the Hungarian Ministry of Foreign Affairs, gaining access to important data. The Ministry and several politicians from the Fidesz party categorically denied these claims. However, according to internal documents, it is clear that not only did the attacks take place, but the Ministry of Foreign Affairs was aware of them. A letter from the head of one of Hungary's intelligence services clearly indicates the scale of the cyberattacks and identifies their perpetrators.
At the end of September 2021, Lieutenant General Hedwig Sabo, then Director General of the National Security Service (SSNS), which provides technical support for other intelligence agencies, issued a report on the state of the Ministry of Foreign Affairs' IT networks, describing the situation as alarming. The report was addressed to Tamás Varzi, who was then State Secretary for Civilian Intelligence at the Ministry of Foreign Affairs and is now Deputy Minister and Parliamentary State Secretary at the same ministry.
The directory service, mail service, file server service, user workstation that maintains KKM's systems, user identification and authorization management were compromised, including the most privileged administrator accounts. More than 4 thousand workstations and more than 930 servers became unreliable as a result of the total attack
This implies that the hackers had access to emails, documents, personal data of officials of the Ministry of Foreign Affairs, as well as other confidential information. It also indicates that the hacker attacks were linked to APT 28 (related to the russian gru) and APT 29 (linked to the fsb).
According to sources from 444, diplomats working in embassies under diplomatic cover were forbidden to use their personal emails to correspond with the Foreign Ministry, as they knew that hackers had access to these addresses.
Cyberattack on the UK Ministry of Defense: hackers hacked serversMay 6 2024, 11:02 PM • 23944 views
With access to all correspondence and databases on Hungarian diplomatic servers, the russians likely had ample opportunity to conduct intelligence operations against Hungary and its allies. They may have had access to a variety of systems, including the Consular Information System, the financial accounting system called Source, and the electronic document management and registration system Scriptament, which stores a large number of documents that are not classified but require protection, including reports on local events, meetings, personal information about employees, and much more.