Finnish intelligence identifies Chinese state-linked group behind cyber-attack

Finnish Parliament

FINLAND’S INTELLIGENCE AGENCY HAS identified a hacker group with ties to the Chinese state as the culprit of an attack of “exceptional” magnitude and intensity that targeted the Finnish Parliament last year. The attack was reported in December 2020, but had been going on for several weeks prior to being discovered by the information security department of the Eduskunta (Parliament of Finland).

Finland’s National Bureau of Investigation (NIB) said at the time that the attack had compromised parts of the Parliament’s internal communication system, including a number of Parliamentary email accounts. Some of these accounts belonged to members of Parliament, while others belonged to members of staff, according to the NIB.

Little became known about the attack in the months after the incident was first reported by Finnish media. But on Thursday the Finnish Security and Intelligence Service (SUPO) issued a press release about the incident. It said that the attack was likely part of a state-sponsored cyber espionage operation. It also identified those responsible for the attack as Advanced Persistent Threat (APT) 31. The SUPO report did not name the state that sponsored the attack. However, several private computer security firms have linked APT31 with the Chinese government.

The SUPO report stated that the attack on the Finnish Parliament was neither random nor experimental. On the contrary, it was aimed at acquiring specific information stored at the Parliament’s computer servers. Although the motive for the attack is still being investigated, it is possible that it was part of an effort “to gather intelligence to benefit a foreign state or to harm Finland’s interests”, said SUPO. The spy agency added that it would not provide further details about the case while it remains the subject a criminal investigation.

Author: Joseph Fitsanakis | Date: 19 March 2021 | Permalink

3 Responses to Finnish intelligence identifies Chinese state-linked group behind cyber-attack

  1. Pete says:

    A Chinese hacker group has a wide range of high grade intel it could gather from Finland.

    Once access to Finnish Parliament servers is gained those servers have links all over the Finnish military, industrial and intelligence complex.

    Sensitive intel targets include:

    – the US State Department Oct 9, 2020 approved sale of F/A-18E/F Super Hornets and F-35As
    to Finland, https://www.defensenews.com/global/europe/2020/10/09/finland-gets-the-green-light-to-buy-the-f-35-or-super-hornetand-billions-of-dollars-in-weapons/

    – Finland already has 64 F/A-18 Hornets, top of the line German Leopard 2 tanks, US tracked
    rocket launchers, and Boeing C-17 heavy lift aircraft (so mil-tech intel) and

    – Finland and China have close IT trade, but China would always want more commercial secrets,
    eg. from Finnish IT giant Nokia.

  2. Casper says:

    I suspect economic espionage with links to Nokia and its potential customers (government) in the EU.

  3. JoJo says:

    They are known for the powerful theft for ordinary people. How come a gov doesn’t know about it. They steal everything including a election. Learn a lesson yet?

We welcome informed comments and corrections. Comments attacking or deriding the author(s), instead of addressing the content of articles, will NOT be approved for publication.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s