Norway accuses Chinese hackers of breaching parliament email accounts
Jul 20, 2021
Oslo [Norway], July 20 : The Norwegian government on Monday formally attributed a breach of email accounts associated with the Norwegian parliament to Chinese hackers involved in the exploitation of vulnerabilities in Microsoft's Exchange Server.
The Norwegian parliament in March said that email systems had been breached as part of the Microsoft Exchange Server incident.
"This was a very serious incident affecting our most important democratic institution," Norwegian Minister of Foreign Affairs Ine Eriksen Soreide said in a statement. "Following a detailed intelligence assessment, it is our view that the vulnerabilities have been exploited by actors operating out of China."
Soreide confirmed that the Storting was a victim of this exploitation and that the Chinese Embassy had been contacted in order to "raise the issue directly."
The revelations come on the day the US and Western allies formally blamed China for a massive hack of Microsoft Exchange email server software and asserted that criminal hackers associated with the Chinese government have carried out ransomware and other illicit cyber operations.
The minister pointed to the attribution to China by allied nations as part of pushing back against the attack.
"We expect China to take this issue seriously, and to ensure that such incidents are not repeated," Soreide stressed. "Allowing such malicious cyber activities to take place is in contradiction of the norms of responsible state behaviour endorsed by all UN Member States."
The compromise as part of the Microsoft Exchange Server vulnerabilities was not the first hacking incident to hit the Norwegian government in the past year.
The Storting announced in September that it had been hit by an "IT attack," and that a small number of members of parliament and staff members, with data from these accounts successfully downloaded by the attackers.