Hackers have reportedly stolen a cache of sensitive European Union diplomatic cables that reveal detailed private conversations between European officials about everything from President Donald Trump to Russian aggression and other major international issues.
And some of them are downright embarrassing — especially for Trump.
The New York Times, which was given access to more than 1,100 of the cables and has made a selected number of them publicly available — reports that in one batch, European diplomats described Trump’s July summit with Russian President Vladimir Putin in Helsinki as “successful (at least for Putin).”
During that summit, Trump seemed to side with Putin over his own intelligence agencies over whether or not Russia interfered in the 2016 presidential election and even bragged that Putin had offered to send Russian government investigators to the US to help with the investigation into Russian government meddling.
According to the cables, European diplomats seem to think Putin came out of that summit much stronger than Trump did. The cables also show that the White House gave private assurances to the Europeans, seeking to downplay Trump’s comments during the Helsinki summit.
The cables also reveal a discussion in July 2018 between EU officials and Chinese President Xi Jinping, where the Chinese leader referred to Trump’s tactics on trade “bullying” and a “no-rules freestyle boxing match.”
The hacked documents reveal concerns beyond Trump, though. A February 8 cable notes the EU’s concern over Russia turning Crimea, which Putin annexed in 2014, into a “hot zone where nuclear warheads might have already been deployed.” (US officials dismissed that warning, according to the Times.)
A security firm, Area 1, says it discovered the hack in November 2018. The firm shared approximately 1,100 cables with the Times. According to the report, the techniques used to access the cables fits the patterns used by an “elite unit of China’s People’s Liberation Army,” though some experts have raised questions about that attribution.
The European Union secretariat said it was aware of the “potential leak of sensitive information” and was “actively investigating the issue,” according to the Guardian.
But the hack might not have been limited to the EU. More than 100 organizations and institutions were targeted at different points in recent years, according to the Times.
The United Nations, the AFL-CIO, and other foreign ministries were also targeted in an apparent attempt to piece together discussions, concerns, and insights from foreign leaders. The United Nations, for example, was reportedly breached during 2016, at a particularly tense period when North Korea was launching missiles.
What did we learn, if anything, from this alleged hack?
The revelations in these communiques are embarrassing but not particularly earth-shattering, at least based on what’s been revealed publicly so far by the New York Times. Many of the issues addressed in the hacked cables — like the hand-wringing over Trump — have been broached publicly by EU leaders.
What is worrisome, however, is the fact that an EU system was hacked at all, and that it’s just being confirmed now. Area 1, the company that the detected breach, said that this hacking campaign dates back to 2015, according to the Financial Times.
Area 1 released a report on its findings Wednesday, where it concluded hackers accessed to the EU system through a phishing attack — where hackers mimic a legitimate website in an attempt to get users to give up their passwords — on the network of the Ministry of Foreign Affairs of Cyprus.
“People talk about sophisticated hackers, but there was nothing really sophisticated about this,” Oren Falkowitz, the chief executive of Area 1, told the Times. “After getting into the Cyprus system, the hackers had access to passwords that were needed to connect to the European Union’s entire database of exchanges.”
The vulnerabilities in the EU system are particularly troubling, especially as countries such as Russia, North Korea, China, and Iran are increasingly using cyber warfare as part of their arsenals. It’s a wake-up call to countries and institutions worldwide.