Hackers hit the Finnish parliament
The Finnish parliament reported a cyber-attack that allowed entry to its internal IT system.
According to the information that was announced on Monday by the Finnish Government officials on their official web page, the incident allowed unauthorized access to the email accounts of some members of the Finnish Parliament.
In their announcement, the government officials explained that the cyber-attack took place in the autumn of 2020, and was discovered by the technical surveillance workers in the Parliament this month. The Finnish Central Criminal Police is officially investigating the case (KRP).
According to the official statement of KRP Commissioner Tero Muurman, the assault did little to no damage to the internal IT structures of the Parliament but was not an unintended interference either.
KRP Commissioner commented that the intrusion in Parliament’s security is being investigated as a “suspected espionage” attempt. Muurman also added that it is likely that unknown attackers have been able to obtain information through the hacking that could be exploited for the benefit of a foreign state or to harm Finland.
At this stage, it is clear that the theft of data has involved more than one individual, but the exact number of affected people cannot be announced before the completion of the preliminary investigation.
In his statement, the official adds that this case is exceptional in Finland and should be taken seriously due to the quality of the target.
International cooperation has been involved in the investigation process, but so far, KRP has not provided any additional information on that.
A similar incident happened this autumn in Norway
The case with the Parliament’s security breach in Finland is very similar to a hack discovered in another Scandinavian country.
Even though the Finnish government officials did not note this, the Parliament of Norway announced a similar violation of its internal email system that took place earlier this autumn. According to the reports, in this incident, hackers have managed to breach the email accounts of some governmental officials. The Norwegian police secret service (PST) needed several months to complete the investigation of the attack. This month, they credited the intrusion to APT28 – a hacking group belonging to Russia’s military intelligence service, GRU.
A new study by Microsoft revealed a recent development in APT28 strategies to target email accounts with brute-force assaults and credential stuffing.