Supo, The Finnish Security and Intelligence Service recently stated that the state cyber-espionage operation APT31 was responsible for the cyber-attack on Finland’s Parliament last autumn, YLE reports.
Security companies such as Checkpoint and FireEye have previously linked the operation APT31 to China’s state cyber operations and states that the operation operates on behalf of Chinese interests. Supo labeled APT31 as a state-backed operation and said in the statement that APT31 was responsible, but did not name China directly.
Separately, Finnish police recently described the hacking as aggravated espionage and message interception and stated that the motive is under investigation. Moreover, they have not excluded the possibility that the purpose of the attack was to gather intelligence to benefit a foreign state or to harm Finland’s interests.
According to the National Bureau of Investigation (NBI), when the attack was detected by the legislature’s internal technical surveillance, the security of several parliamentary email accounts was compromised, some of which belonged to MPs.