The Norwegian Parliament (Stortinget) has become the latest cyberattack victim, according to a statement released by administrative director Marianne Andreassen on September 1.
The report claims that unnamed attackers targeted the Stortinget internal email systems, compromising the email accounts of a small number of a few lawmakers and parliament employees.
“The Storting has recently been subjected to a comprehensive IT attack,” Andreassen said. “Our analyses show that different amounts of data have been downloaded.”
Although the investigation is still ongoing, affected parliament representatives and employees have been contacted, and the attack has been reported to the Norwegian National Security Authority (NSA), which helped counter the attack.
“A number of risk-reducing immediate measures were implemented to stop the attack,” Andreassen added. “These measures had an immediate effect.We must constantly work with IT security against a demanding threat picture. New measures are being considered on an ongoing basis to strengthen security in the Storting.”
Unfortunately, the Stortinget offered no details regarding the origin of the attack, and the bad actors’ identities remain unknown.
“We don’t know who’s behind it,” Andreassen told reporters. However, the parliament’s IT staff detected “anomalies a little more than a week ago.”
The attackers’ endgame is not clear, but the incident should trigger an alarm for all government institutions. While cybercriminals step up their game, with brazen attempts to compromise sensitive networks and data, security teams must take the necessary steps to enhance protection against all threat vectors.