Hungary's united opposition has called on Foreign Minister Peter Szijjarto to resign over press reports that Russia's secret services have "practically unlimited access to the information systems of the [Hungarian] foreign ministry".
In a statement, the opposition parties said Prime Minister Viktor Orban had delivered Hungary to Russia by deliberately dismantling the government's cybersecurity defence and slammed him for hindering joint European action against Russia.
The scandal has broken just days before Hungary's general election on Sunday and as Orban has appeared more isolated than ever in the EU over his ties with Russian President Vladimir Putin.
Investigative news site Direkt36, citing internal documents and state and former intelligence officials, said that the Hungarian foreign ministry's communication channels have been hacked by attacks from Russian intelligence services.
The website claims that from 2013 on, the foreign ministry's IT system was an open book to Russians. There seems to be solid evidence that Russian security services had direct access not just to staff mailing and other activities, but also to classified data transmitted through Hungary’s embassies through a special protected network. Former intelligence officers said the Federal Security Service, FSB and military intelligence service, the GRU were behind these attacks.
The cyberattacks were mostly linked to hacks against other Nato countries, and members of the Western alliance regularly cooperate and share information to identify the attacks.
According to the site’s internal document, the foreign ministry was still under targeted attacks in January 2022. A month earlier Szijjarto was given the highest Russian medal, the Order of Friendship from his Russian counterpart Sergei Lavrov.
The documents compiled by Direkt36 also reveal how hackers breached the system. In a number of cases, they accessed the IT system by spearphishing, through emails disguised as an official Nato event.
Russia’s cyberattacks against other countries are not an uncommon phenomenon, but in a similar case in 2020, Czechs officials chose to go public, while the Orban government kept these events hidden from the public. There was an institutional shutdown, said one former foreign ministry official who opened the infected email and was classified as a national security risk by counter-intelligence agencies and fired a few months later.
The report notes examples when warnings by cybersecurity experts were shrugged off and, instead of beefing up IT protection, officials were taking the matter casually.
The cybersecurity expert familiar with the case said the Orban government began to see Hungarian cyber defence as an obstacle to Hungarian-Russian rapprochement, which began after 2013, when Szijjarto took over.
The government’s pro-Russian turn came in early 2014, after Viktor Orban’s trip to Moscow where he agreed with Vladimir Putin on the expansion of the nuclear power plant Paks from €12.5bn financed 80% by Russian loans.
Direkt36 published an internal communiqué by the ministry calling on staff not to use Chinese-made mobile phones for work, namely Huawei (ZTE), Honor, Xiaomi, Wiko, OnePlus, among others. In public, Szijjarto denied openly that Huawei or other hardware by other Chine manufacturers would pose risks.
The foreign ministry has called the extensive report a campaign lie.
In related news, parliament’s national security committee was to meet on Wednesday partly to discuss the security breach, but Fidesz members called off the meeting.
The investigative report, released just five days before the 2022 election, could be a game-changer as it further underscores Viktor Orban government’s pro-Kremlin stance, analysts said.