[THREAD] ICYMI, Czech National Cyber & Information Security Agency @NUKIB_CZ published annual Report on the state of #cybersecurity in the Czech Republic in 2018. This thread gives the main takeaways from the report, which you can find here: nukib.cz/cs/informacni-… 1/15 
(1) Unsurprisingly, state actors are the most severe threat to cyber security of entities that are part of @NUKIB_CZ's constituency (government agencies, government & private sector-operated crititical information infrastrcuture (CII), providers of essential services etc) 2/15
State actors (government or government-linked) possess financial & human resources & w/ intentions that sets them apart from cybercrime groups or hactivists. People's Republic of China and Russian Federation are the most active cyber threat actors for the Czech Republic 3/15
(2) In 2018, @NUKIB_CZ responded to, and investigated, attack on strategically important govt institution. Investigation revealed that the actor was almost certainly (90-100%) a state actor who is likely (55-70%) Chinese 4/15
(3) Report also points to a rising threat of supply chain attacks, particularly attacks on managed services providers (MSP). In the case of Czech Republic, a contributing factor is a widespread application of Public Procurement Act (PPA) that prioritizes lowest bidder 5/15
Accepting the lowest price as the single most important criterion for public procurement means that potentially hazardous components may enter the systems of obligated entities. 6/15
(4) Public sector is facing great challenges to strengthen cyber security, including lack of qualified personnel, insufficient personnel qualification, or slow implementation of new security standards and weak authentification 7/15
(5) Education sector is also attractive target for cyber threat actors. In 2018, ten Czech universities were targetted by relatively sophisticated spear-phishing campaign (lot of language errors but proven knowledge of university environment) 8/15
(6) @NUKIB_CZ's primary task is CII protection. Report notes that while Czech CIIs were not affected by sophisticated attacks, there were instances of serious attacks on CII systems worldwide, including attacks on energy sector, banking sector and eHealth 9/15
(7) @NUKIB_CZ is authorized to take preventative measures to protect CII & other systems within NUKIB's constituency. In this regard, on 17 Dec 2018 NUKIB issued warning (legal tool per Cyber Security Act) against use of Huawei & ZTE technologies govcert.cz/en/info/events… 10/15
The warning refers to legal and political environment in the PRC that require CN companies to cooperate with Chinese state on intelligence activities & close links b/w private companies & government as factors that prioritize interest of Chinese state over Huawei & ZTE customers
That cybersecurity is not just technical issue and trust is a key principle in choosing suppliers for critical information systems is a major Czech contribution to ongoing discussion on the security of 5G networks (see Prague Proposals: vlada.cz/en/media-centr… 12/15
(8) Report also points to the importance of cyber security exercises, be they red v. blue team technical exercises or non-tech strategic tabletops. Czech Republic is active participant and a provider of cybersec exercises. @GOVCERT_CZ-led team placed 3rd in 2018 in Locked Shields
Perhaps the key takeaway: Czech Republic is not just passive consumer of cyber security provided by others. We are active partners and providers. Ready to reach out and forge new partnerships. 15/15
