Cyberattacks on IT systems were allegedly carried out by Chinese hackers, according to Norwegian officials.

 The cybercriminal outfit APT31 was related to the 2018 attacks, according to police.

China hacker group

Chinese intelligence

Norway's government blamed Chinese cybercriminals for hacking government centres in 2018 based on technical data acquired by the country's central intelligence agency. NRK, a Norwegian television and radio station, reported this.

Following this, the Norwegian national security agency PST (Politiets Sikkerhetstjeneste) decided that the same "international threat actors" were responsible for both the government hacking and the malware attack on the private corporation Visma in the same year.

Hackers attempted to obtain access to Norway's national intelligence and security services' secret material. Experts were unable to determine whether the attackers were able to steal sensitive data.

Logins and passwords connected with administrative officials working in numerous government agencies relating to military, national security, and disaster preparedness were stolen from government centre IT networks.

“We have intelligence linking the cyberattacks to the cybercriminal outfit APT31 in this case. APT31 is also related to Chinese intelligence services, according to Hanne Blomberg, PST counterintelligence chief.

China's central intelligence services are also suspected of being behind a cyberattack on the Storting's information systems on March 10, 2021, according to Norway's central intelligence services. Cybercriminals exploited vulnerabilities in the Storting e-mail system, particularly in Microsoft Exchange mail servers, according to information security specialists.