The Norwegian parliament, or the Storting, on Tuesday announced that it was targeted over the past week by a major cyberattack that compromised multiple members of the government.
In a translated statement, the Storting noted that hackers had targeted the email accounts of a “small number” of members of parliament and staff members, with data from these accounts successfully downloaded by the attackers. Impacted individuals were contacted prior to the announcement being made.
It was not immediately clear what type of cyberattack the incident was, or who was behind it.
“We take the matter very seriously, and we have full attention to analyzing the situation to get an overall picture of the incident and the potential extent of damage,” Marianne Andreassen, the Storting’s nonelected chief administrator, said in a statement.
Andreassen noted that “risk-reducing immediate measures” put in place had been successful in stopping the attack, and that the Storting had contacted law enforcement in relation to the cyberattack.
“We must constantly work with IT security against a demanding threat picture,” Andreassen noted. “New measures are being considered on an ongoing basis to strengthen security in the Storting.”
Reuters reported that Norway’s National Security Authority (NSA) was involved in responding to the cyber incident, with NSA spokesperson Trond Oevstedal telling Reuters that the agency had been “involved for a few days” and was focused on "assisting parliament with analysis and technical assistance."
The attack on the Storting was not the first major government cyber incident over the past year.
In June, the Australian Prime Minister Scott Morrison announced that a “sophisticated state-based actor” had targeted all levels of government and critical infrastructure with attempted attacks. The Australian Parliament and the three largest political parties were separately targeted by Chinese hackers in 2019 ahead of the general election.
More recently, a cyberattack forced the Canadian government to shut down online portals for several days when hackers successfully compromised more than 11,000 accounts involved in accessing COVID-19 relief services and tax information, according to CNN.