Russian APT 29 group launched cyber attacks against Norwegian authorities

The Norwegian intelligence agency PST is one of the targets of spear phishing attacks launched by the Russian APT 29 group.

The dreaded Russian APT 29 group is back, the Norwegian authorities accuse Russia of cyber attacks that hit the foreign ministry, intelligence and other institutions.

“Nine different email accounts were targeted in an attempt at what is called spear phishing, in other words malicious emails,” confirmed Arne Christian Haugstoyl, an official with Norway’s intelligence service PST, in an interview with the television channel TV2.

The Norway was informed of ongoing attacks by an allied state, it is currently investigating the case, but it is still unclear which was the motivation behind the attack.

“It’s difficult to know what the goal” he added.

Despite legislative elections are scheduled for September 2017, experts believe that the attacks are not linked to the vote.

The APT 29 group is likely interested in the Norway NATO membership, especially in the wake of the Ukraine crisis.

Recently the Norwegian Government also allowed the deployment of 300 US soldiers on its soil.

The Norwegian official confirmed that the APT 29 group has links to the Russian authorities, the hackers area also accused to have interfered with the recent US Presidential Election.

At the time I was writing it is not clear if the hackers have exfiltrated sensitive information, according to the Verdens Gang (VG), the PST spokesman Martin Bernsen said there was “no reason to believe that classified information had been obtained in connection with the attack.”

According to the Norwegian Government, the hackers also targeted the national radiation protection agency, the parliamentary group of the Labour party and a school.

Recently Moscow refused visas to two senior Norwegian lawmakers, a decision considered by the Government of Oslo as “unjustifiable”.

Moscow explained the visa refusal was its response to Norway’s position on the EU economic sanctions against Russia over the Ukraine crisis.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Norway, APT 29 Group)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.