Muurman said

Finland flag

Image: Joakim Honkasalo

The Finnish Parliament said on Monday that hackers gained entry to its internal IT system and accessed email accounts for some members of Parliament (MPs).

Special feature


Cyberwar and the Future of Cybersecurity

Today’s security threats have expanded in scope and seriousness. There can now be millions — or even billions — of dollars at risk when information security isn’t handled properly.

Read More

Government officials said the attack took place in the fall of 2020 and was discovered this month by the Parliament’s IT staff. The matter is currently being investigated by the Finnish Central Criminal Police (KRP).

In an official statement, KRP Commissioner Tero Muurman said the attack did not cause any damage to the Parliament’s internal IT system but was not an accidental intrusion either.

Muurman said the Parliament security breach is currently being investigated as a “suspected espionage” incident.

“At this stage, one alternative is that unknown factors have been able to obtain information through the hacking, either for the benefit of a foreign state or to harm Finland,” Muurman said.

“The theft has affected more than one person, but unfortunately, we cannot tell the exact number without jeopardizing the ongoing preliminary investigation.

“This case is exceptional in Finland, serious due to the quality of the target and unfortunate for the victims,” the official added.

The KRP also said that “international cooperation has taken place in the investigation,” but did not provide additional details.

Norway disclosed a similar incident this fall

But while government officials didn’t mention it, the incident is eerily similar to a similar hack disclosed in a neighboring Scandinavian country.

Earlier this fall, Norway’s Parliament disclosed a similar breach of its internal email system, with hackers accessing some officials’ email accounts.

This month, after a months-long investigation, the Norwegian police secret service (PST) attributed the intrusion to APT28, a group of hackers linked to Russia’s military intelligence service, the GRU.

A recent Microsoft report highlighted a recent trend in APT28 tactics towards targeting email accounts with credential stuffing and brute-force attacks.