An investigation by Norway’s Police Security Service (PST) has found that a cyberattack of the country’s parliament was likely carried out by Fancy Bear, a hacker group that has ties to Russia’s GRU military intelligence agency.

The Norwegian parliament said in September that it had been the target of a cyberattack in August and that the e-mail accounts of several lawmakers and employees had been hacked. Moscow rejected the accusation as “a deliberate provocation”.

On Tuesday, the PST released the findings of its investigation into the August attack, saying it was part of a broader campaign “that has been going on at least since 2019” and “was carried out by the cyber actor referred to in open sources as APT28 or Fancy Bear”.

According to the analysis of the breach, the attackers were not successful in their attempts to further breach parliament’s computer systems, but the PST said that it could not go into further detail due to the sensitivity of the matter.

APT28, also known as Fancy Bear, is a Russian hacker group that is believed to be associated with Russia’s GRU military intelligence agency that has been blamed for numerous cyberattacks on Western governments in recent years.

The PST added that Fancy Bear was specifically linked to the GRU’s 85th Main Special Services Center, whose officers were recently implicated in taking part in a 2015 cyberattack against the German parliament, the Bundestag.

German chancellor Angela Merkel in May said there is hard evidence Russia was targeting her in the 2015 hacking attacks on the Bundestag, which also targeted her own parliamentary email account.


Please enter your comment!
Please enter your name here