The Finnish Parliament cyber-attack took place around the same time Russian hackers breached the Norwegian Parliament’s email system. The Finnish Parliament said that hackers gained entry to its internal IT system and accessed email accounts for some Members of Parliament (MPs).
Government officials said the attack took place in the fall of 2020 and was discovered this month by the Parliament’s IT staff. The matter is currently being investigated by the Finnish Central Criminal Police (KRP). In an official statement, KRP Commissioner Tero Muurman said the attack did not cause any damage to the Parliament’s internal IT system but was not an accidental intrusion either. He said the Parliament security breach is currently being investigated as a “suspected espionage” incident.
But while government officials didn’t mention it, the incident is eerily similar to a similar hack disclosed in a neighboring Scandinavian country. Earlier this fall, Norway’s Parliament disclosed a similar breach of its internal email system, with hackers accessing some officials’ email accounts.
This month, after a months-long investigation, the Norwegian police secret service (PST) attributed the intrusion to APT28, a group of hackers linked to Russia’s military intelligence service, the GRU. A recent Microsoft report highlighted a recent trend in APT28 tactics towards targeting email accounts with credential stuffing and brute-force attacks.