The Parliament of Finland has found out that it was the victim of a cyberattack in the fall of 2020, but it was only discovered recently by the Parliament’s security team.
Hacking into official institutions is usually done by threat actors working in other states, and that’s especially true when the intrusion remains undetected and the hackers don’t seem to care about anything other than surveillance.
Commissioner Tero Muurman from the Finland Central Criminal Police took over the investigation in an attempt to understand how the attack was even possible. More than one person in the Finnish Parliament was affected, but the Commissioner didn’t reveal more.
“This was not an accident,” said Muurman. “At this stage, one alternative is that unknown factors have been able to obtain information through hacking, either for the benefit of a foreign state or to harm Finland. The burglary has affected more than one person, but unfortunately, we cannot tell the exact number without jeopardizing the ongoing preliminary investigation.”
The official word from the Parliament of Finland is just as sparse, and lacks any details. They do say that some email accounts have been compromised, including a few belonging to MPs.
This would be interesting in itself, but a similar incident took place in Norway in the fall of 2020, when authorities determined that they were targeted by APT28, a group also known under Fancy Bear. The hackers have links to GRU, the foreign military intelligence agency of the General Staff of the Russian Federation’s Armed Forces.
Fancy Bear has been implicated in numerous similar activities, including attacks on the German Parliament, the White House, the Democratic National Committee, and many others. In fact, the US Department of Justice charged six GRU officers in connection to the worldwide deployment of malware.