Blake Darche, chief security officer of Area 1 Security, said the attack shows that hackers continue to exploit the "weakest links in the digital chain." Cybersecuirty Chinese government hackers penetrated EU communications network, cybersecurity firm concludes

Chinese government hackers have been eavesdropping on diplomats, trade unions and think tanks in Europe, a cybersecurity firm revealed Wednesday, adding to the growing list of grievances the West has with Beijing over its digital espionage activities.

The latest allegations, coming as Europe appears ready to follow the U.S. and place new limits on Chinese telecommunications firm Huawei over security concerns, claim an arm of the People's Liberation Army breached a diplomatic communications network the 28 European Union states use to share details on policymaking efforts.


Area 1 Security, which revealed the breach, said the hackers used a phishing link to access the COREU (or Courtesy) system, which is used by national governments and EU institutions to exchange day-to-day information on foreign policy.

Blake Darche, chief security officer of Area 1 Security, said the attack shows that hackers continue to exploit the "weakest links in the digital chain," launching an attack on Cyprus's Ministry of Foreign Affairs "to gain access to the entire European Union diplomatic communications network."

The hackers used techniques similar to those seen by the PLA, and was part of a broader campaign that also included targeting the United Nations and the AFL-CIO, Area 1 Security concluded.

Morning Cybersecurity A daily briefing on politics and cybersecurity — weekday mornings, in your inbox. Email Sign Up By signing up you agree to receive email newsletters or alerts from POLITICO. You can unsubscribe at any time. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The company provided hacked cables to The New York Times, with one cable from an EU diplomat referring to a meeting between President Donald Trump and Russian President Vladimir Putin as "successful (at least for Putin).” Another cable called Trump's "bullying" of Beijing a “no-rules freestyle boxing match.”

Thomas Rid, a cybersecurity expert at Johns Hopkins University, questioned why Area 1 would share hacked materials with the Times, and how the company obtained them. He tweeted that publishing the hacked documents amounted to a "major ethical lapse" on the part of the Times and Area 1.

Oren Falkowitz, CEO of Area 1 Security, defended the company's approach in an interview with POLITICO.

"We considered that issue very carefully. That’s part of the reason why Area 1 did not publish them," he said, instead working with the Times to consider "whether there was any foreign policy value. These materials are not playing into the hands of those that took them, because they were not intended to be public."

But Falkowitz declined to provide much information about how it tracked down the cables.

"The hackers did not give them to us," he said. "Area 1 runs an active sensor network, and we were able to identify technical artifacts and put together the details," Falkowitz said, but would not answer more specifically.

European Union officials are investigating the impact of a hack of its diplomatic communication system that put internal memos out in the open.

"The [EU] Council Secretariat is aware of allegations regarding a potential leak of sensitive information and is actively investigating the issue," the Council press office said in a statement Wednesday.

The EU did not answer questions as to whether they had confirmed and fixed the hack. It said the investigation was ongoing and it "does not comment on allegations nor on matters relating to operational security. The Council Secretariat takes the security of its facilities, including its IT systems, extremely seriously," it added.

The EU institutions are a popular target for hackers. The institutions have upgraded parts of their IT security in previous years. Brussels is a known target for espionage, in part because of the presence of both EU and NATO institutions.

Udo Helmbrecht, chief of the EU's cybersecurity agency, said he was "not surprised about the fact that there is such an attack. It is just a question of time when [such a data breach] would happen, or become public."

