In a press release, Norway’s parliament, the Storting, disclosed of being a target to a cyberattack that compromised the email accounts of its members of the parliament. The Storting’s Director, Marianne Andreassen, said that the situation is being assessed closely and the affected members have already been contacted with the incident response details.
Concerns among the members of the parliament have been brewing since the cyberattack took place, as confidential and official data could have been leaked and/or exposed in this incident. However, addressing this concern, Marianne told the media that only a “small number of parliamentary representatives and employees” were affected in this cyberattack. Additionally, the internal analysis also found that “different amounts of data have been downloaded” from different accounts. This could very well mean that the cybercriminals who orchestrated this attack were in search of some specific data from certain individuals, and hence explains why they targeted only a small number of employees.
The Storting had already reported the cyberattack incident to the Norwegian National Security Authority (NSA). But, additionally, on September 1, 2020, it decided to lodge an official complaint about the burglary of confidential data from email accounts along with its analysis to the Police for carrying out the further legal investigation. A spokesman from Norway’s opposition party, the Labour Party, told New York Times that the attack had also impacted several Labour Party members and staff.
No information on the source and cause of the attack has been reported yet, however, Marianne said, “We have taken this matter very seriously, and we have full attention to analyzing the situation to get an overall picture of the incident and the potential extent of the damage.”
A Similar Attempt Down Under
In February 2020, a similar incident was reported by the Australian Parliament where apparently an unknown intruder tried to hack their computer system and attempted breaking into the parliament’s computer network which included lawmakers’ email archives. However, the parliament officials confirmed that there was no data theft reported but as a precautionary measure updated all the passwords of its network systems and performed a mandatory password reset before proceeding with a detailed investigation.
