Finnish Security and Intelligence Service Identifies Group Responsible For Cyber Attack on Parliament

Finland’s domestic security said Thursday that the cybergroup APT31, which is generally connected to the Chinese government, was most likely behind a cyberspying attack on the information systems of Finland’s parliament. 

The Finnish Security and Intelligence Service, commonly abbreviated to Supo, said it had “identified a cyber espionage operation targeted in 2020 against parliament with the aim of intruding into parliament’s IT systems.”

The agency also added that “according to Supo intelligence, APT31 was responsible for the attack.” It did not mention China by name or the group’s alleged links to Beijing’s government. The statement was also posted in English on the agency’s Twitter.

Finland’s National Bureau of Investigation (NBI), said in late December that it has started an investigation looking into the hacking and espionage attacks on the information systems of Eduskunta, the Finnish legislature. In addition to the information systems being hacked, some lawmakers’ email accounts were also compromised. 

Parliament has announced they have since upgraded their systems’ security measures. 

NBI’s Tero Muurman, who is in charge of the investigation, said Thursday that his agency is continuing to further investigate APT31’s alleged involvement. He also said the goal of the breach was most likely to “acquire information for the benefit of a foreign nation or to harm Finland.” 

FireEye, one of the world’s major cybersecurity firms, and other data security firms have linked APT31 to the Chinese government or operations conducted on orders from the Chinese government. APT is an abbreviation for “advanced persistent threat,” a term to describe an attack in which an intruder (or intruders) establishes an illicit and usually long-term presence on a network to acquire highly sensitive data. 

Earlier this month, Supo said that the intelligence services of foreign powers have expanded their cyber espionage operations in Finland during the COVID-19 pandemic through either directly targeting Finnish organizations or using Finnish infrastructure. Prior to the announcement earlier this month, Supo had named China and Russia as being the two most active countries spying on Finland.  


© Fourth Estate® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.