Unknown threat actors were able to exfiltrate information from the email accounts of several parliamentarians.
Norway’s parliament, also known as the Storting, disclosed on Tuesday that it fell victim to an extensive cyberattack that targeted its internal email system.
In an official statement addressing the incident, the legislature said that cybercriminals were able to access the email accounts belonging to some elected officials and staff. An analysis revealed that various amounts of information were downloaded by the unknown hackers behind the breach. The employees and officials affected by the incident have been notified, while the investigation is ongoing.
Marianne Andreassen, the Storting’s administrative director, said that the administration is taking the matter seriously and is focusing its undivided attention on analyzing the situation to get an overall picture of the incident and to assess the potential extent of the damage that may have occurred.
And while the Norwegian legislative body doesn’t know who executed the attack, the administrative director did say that they were able to pick up on the anomalies a little more than a week ago, adding that the institution then took steps “that were effective”.
Andreassen also went on to say that the government needs to constantly cooperate with IT security experts to assess the threat landscape. She added that new measures are being considered continuously in order to bolster the parliament’s security posture.
The Storting is also working closely with authorities. Norway’s police security agency PST posted an announcement on its Twitter account saying that it has received a report of the incident and is looking into it.
The attack may bring echoes of other attacks that targeted elected officials in various countries. For example, in 2015 the German Bundestag suffered a cyberattack that left it reeling from the loss of more than 16 gigabytes of data. Two years later, some 90 British MPs had their email accounts compromised. Last year, a breach of the computer network of Australia’s parliament led to the theft of data from several officials.
written by Amer Owaida, ESET We Live Security