China-linked cyber espionage group APT31 is believed to be behind an attack on the Parliament of Finland that took place in 2020.
According to the government experts, the hackers breached some parliament email accounts in December 2020.
“Last year, the Security Police has identified a state cyber espionage operation against Parliament, which tried to infiltrate Parliament’s information systems. According to intelligence from the Security Police, this was the so-called APT31 operation.” reads the announcement published by the Finnish Parliament.
The Finnish National Bureau of Investigation (NBI) along with the help of the Security Police and the Central Criminal Police are investigating the security breach.
Central Criminal Police Commissioner Tero Muurman added that further details regarding the attack will not be disclosed while the investigation is still ongoing.
“The preliminary investigation examines, among other things, the motive for the act. One of the alternatives is that the purpose of the information breach was to obtain information for the benefit of a foreign state or to harm Finland, says Commissioner for Crime Tero Muurman from the Central Criminal Police.” reads a post published by Poliisi.
APT31 (aka Zirconium) is a China-linked APT group that was involved in multiple cyber espionage operations, it made the headlines recently after Check Point Research team discovered that the group used a tool dubbed Jian, which is a clone of NSA Equation Group ‘s “EpMe” hacking tool, years before it was leaked online by Shadow Brokers hackers.
If you want to receive the weekly Security Affairs Newsletter for free subscribe here.
(SecurityAffairs – hacking, APT31)