Russia Blamed for Cyber-attack on Norwegian Parliament

Russia has been accused of carrying out a "significant" cyber-attack on the Norwegian parliament earlier this year.

In August, unauthorized individuals managed to gain access to the email accounts of several elected members of the Storting, Norway's single-chamber parliament. The cyber-criminals also targeted some accounts belonging to parliament employees. 

An unspecified amount of data was stolen in the attack, which impacted some members of Norway's main opposition party, the Labour Party.

Speaking to the Norwegian press just after the attack took place, the Norwegian parliament's director, Marianne Andreassen, said: "We don't know who's behind it." However, on Tuesday, Norway's foreign minister, Ine Eriksen Soereide, laid the blame for the attack squarely at Russia's door. 

“This is a serious event that hit our most important democratic institution,” said Soereide.

“Based on the information available to the government, it is our assessment that Russia stood behind this activity."

Soereide did not give details of any action that Norway might take against its Arctic neighbor. A Norwegian foreign ministry spokeswoman declined to comment when asked by Reuters whether Russia would be asked to recall its ambassador or any of its diplomats from Norway.

In September 2018, a Russian IT adviser named Mikhail Bochkaryov was arrested at Oslo Airport after exhibiting strange behavior at an IT conference held in Norway's parliament. 

Bochkaryov, an employee of the Russian parliament's upper chamber, had been attending a seminar organized by the European Centre for Parliamentary Research and Documentation on the Storting's digitalization process. 

Norway’s Police Security Service (PST) said the IT professional had been detained on suspicion of illegal intelligence activities.

Russia’s foreign ministry summoned Norway’s ambassador to protest the arrest and demand the release of Bochkaryov by NATO member Norway. After several weeks in detention, Bochkaryov was released without charge and returned to Moscow. 

In 2017, Norway accused APT 29 of carrying out spear-phishing attacks on Norway’s foreign ministry, army, and other institutions. Arne Christian Haugstoyl, an official with PST, said that the group, which has "links to the Russian authorities," had targeted nine different email accounts.  

What’s Hot on Infosecurity Magazine?