Norway Parliament Data Stolen in Microsoft Exchange Attack

Norway Parliament Data Stolen in Microsoft Exchange Attack

The Storting, Norway’s parliament, has become a victim of a cyberattack in which bad actors exploited Microsoft Exchange vulnerabilities to stole data.

While Microsoft released emergency security updates for Microsoft Exchange to fix zero-day vulnerabilities last week, hackers can still abuse the flaws in systems that haven’t been patched.

The Storting announced it fell victim to a cyberattack linked to the Microsoft Exchange vulnerabilities which closely follows another one that took place in December. 

“The Storting has again been hit by an IT attack. The attack is linked to vulnerabilities in Microsoft Exchange, which affected several businesses.”

The Storting does not report the extent of the attack. Its IT personnel took a number of measures and started an investigation. 

But there is evidence that data has been “extracted,” the Storting disclosed in a statement confirming that the threat actors have stolen in the cyberattack.

It is unknown what data has been stolen, and the Stortig does “not yet have a full overview of the situation.” 

The Norwegian authorities have implemented comprehensive measures and are collaborating closely with the security entities in the country. 

There is much that remains unclear by the time of writing, they “do not know the full potential for damage,” says Storting director Marianne Andreassen.

However, they do not link this attack to the previous cyber attack in December, which was attributed to the Russia-sponsored APT 28 hacking group.

The attack on Norway’s parliament is largely attributed to HAFNIUM, a China state-sponsored hacking group, which has already compromised a number of servers, installed backdoors, and gained access to internal corporate networks in the US and Europe. However, recently we have learned that other hacking groups had been exploiting the flaws as well.

According to the cybersecurity firm ESET other cybercrime groups that had also been exploiting the zero-day vulnerabilities in Microsoft Exchange servers include Tick, LuckyMouse, and Calypso. Even more so, recently ESET stated that more hacking groups are jumping on the bandwagon to try to hack systems before everyone patched them.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.