Month: December 2020

The Parliament of Finland confirmed on December 28, 2020, that threat actors gained access to email accounts of multiple members of parliament (MPs).

Parliament officials said:
“Parliament of Finland has been subjected to a cyberattack in the fall of 2020. The attack was discovered by parliamentrainer technical surveillance.

Some parliament e-mail accounts may have been compromised as a result of the attack, among them e-mail accounts that belong to MPs.

The cyberattack is being investigated by the National Bureau of Investigation. The investigation is supported by Parliament of Finland.”

According to NBI Detective Inspector Tero Muurman, the attack is likely part of a cyberespionage campaign carried out by nation-state actors.

Read more about it here.

A number of U.S. government agencies reportedly have been hacked: The Commerce Department, the Department of Homeland Security, the Pentagon, the Treasury Department, the U.S. Postal Service, and the National Institutes of Health. The attack began in March 2020, and is still ongoing, meaning that the malware that was placed on computers may still be capturing confidential information.

According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), tech company SolarWinds was compromised, and it posed “unacceptable risks to the security of federal networks.” SolarWinds Orion products are used by several U.S. agencies for network management.

In turn, SolarWinds said in a statement that the breach of their system “was likely conducted by an outside nation state and intended to be a narrow, extremely targeted, and manually executed attack, as opposed to a broad, system-wide attack.”

Read more about it here.

Cybersecurity giant FireEye announced that it was hacked by nation-state actors, likely Russian state-sponsored hackers. In a blog post, FireEye CEO Kevin Mandia said company tools used for testing customers’ security had been stolen. “The attacker primarily sought information related to certain government customers,” he wrote. The hackers “used a novel combination of techniques not witnessed by us or our partners in the past.” As of this writing, FireEye has seen no evidence to date that any attacker has used the stolen tools.

Read more about it here.