Statement by the North Atlantic Council concerning malicious cyber activities against Germany and Czechia
Allies recognize that Germany and Czechia have attributed the responsibility of the malicious cyber activities in their respective countries to the threat actor APT28 sponsored by the Russian Federation, specifically the Russian General Staff Main Intelligence Directorate (GRU). Allies also note with concern that the same threat actor targeted other national governmental entities, critical infrastructure operators and other entities across the Alliance, including in Lithuania, Poland, Slovakia and Sweden.
We strongly condemn malicious cyber activities intended to undermine our democratic institutions, national security and free society.
The malicious cyber activities targeting Germany and Czechia underscore that cyberspace is contested at all times. Cyber threat actors persistently seek to destabilize the Alliance.
We remain committed to countering the substantial, continuous and increasing cyber threat, including to our democratic systems and our critical infrastructure. We are determined to employ the necessary capabilities in order to deter, defend against and counter the full spectrum of cyber threats to support each other, including by considering coordinated responses.
We promote a free, open, peaceful and secure cyberspace. We call on all States, including Russia, to respect their international obligations and commitments to uphold international law and act within the framework for responsible state behavior in cyberspace as affirmed by all members of the United Nations.