The dreaded Russian APT 29 group is back, the Norwegian authorities accuse Russia of cyber attacks that hit the foreign ministry, intelligence and other institutions.
“Nine different email accounts were targeted in an attempt at what is called spear phishing, in other words malicious emails,” confirmed Arne Christian Haugstoyl, an official with Norway’s intelligence service PST, in an interview with the television channel TV2.
The Norway was informed of ongoing attacks by an allied state, it is currently investigating the case, but it is still unclear which was the motivation behind the attack.
“It’s difficult to know what the goal” he added.
Despite legislative elections are scheduled for September 2017, experts believe that the attacks are not linked to the vote.
The APT 29 group is likely interested in the Norway NATO membership, especially in the wake of the Ukraine crisis.
Recently the Norwegian Government also allowed the deployment of 300 US soldiers on its soil.
The Norwegian official confirmed that the APT 29 group has links to the Russian authorities, the hackers area also accused to have interfered with the recent US Presidential Election.
At the time I was writing it is not clear if the hackers have exfiltrated sensitive information, according to the Verdens Gang (VG), the PST spokesman Martin Bernsen said there was “no reason to believe that classified information had been obtained in connection with the attack.”
According to the Norwegian Government, the hackers also targeted the national radiation protection agency, the parliamentary group of the Labour party and a school.
Recently Moscow refused visas to two senior Norwegian lawmakers, a decision considered by the Government of Oslo as “unjustifiable”.
Moscow explained the visa refusal was its response to Norway’s position on the EU economic sanctions against Russia over the Ukraine crisis.
[adrotate banner=”9″]
(Security Affairs – Norway, APT 29 Group)
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply. …
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.…
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer…
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics…
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November…
This website uses cookies.