Finland’s national security agency claimed Thursday that the APT10 cyber group, usually linked to the Chinese Communist Party (CCP), was allegedly behind a cyber espionage attack on the Nordic country’s parliament information systems last year.
Finland’s Intelligence and Security Service, known by the abbreviation Supo, said it had “identified a cyber espionage operation targeted in 2020 against the Finnish parliament with the aim of intruding into the parliament’s IT systems.”
The statement was also posted on the agency’s English-language Twitter site:
Supo identified a cyber espionage operation targeted in 2020 against the Finnish Parliament with the aim of intruding into the Parliament’s IT systems. #APT31 #CyberEspionage #CyberSecurity https://t.co/yqj7xKqfTS
— Suojelupoliisi (@Suojelupoliisi) March 18, 2021
2020, the year of the pandemic, was a year of exceptionally intense cyber-espionage operations both in Finland and elsewhere in Europe.
Finland’s National Bureau of Investigation, NBI, reported in late December that it had launched an investigation into alleged serious hacking and espionage attacks on the information systems of Eduskunta, the Finnish legislature. Among other things, the e-mail accounts of some legislators were hacked.
According to Supo’s intelligence, APT10, the well-known hacker group that according to the allegations works together with the CCP to obtain valuable information from other companies, universities, laboratories, and politicians in other countries, was responsible for the attack.
Supo also provided Parliament with information that enabled it to identify possible new hacking attempts. Parliament followed the instructions it received and further strengthened its information security. In addition to warning the Parliament, Supo also provided information to the Finnish National Cyber Security Center to improve monitoring and prevention capabilities.
Recently, the same hacking group backed by the CCP reportedly perpetrated an attack targeting the information systems of two major Indian vaccine manufacturers, whose anti-CCP virus inoculations are currently being used in various immunization campaigns.
India and China are the two major global producers of the vaccine against the CCP virus. At the moment India leads with 60% of the world’s vaccine production. This seems to have piqued the CCP’s interest in obtaining information on vaccine production in its neighboring country.
Singapore and Tokyo-based cyber intelligence firm Cyfirma told Reuters that the Chinese-based hacking group APT10, also known as Stone Panda, had identified breaches and vulnerabilities in the information infrastructure and supply chain software of Bharat Biotech and Serum Institute of India (SII), the world’s largest vaccine manufacturer.
“The real motivation here is actually to exfiltrate intellectual property and gain a competitive advantage over Indian pharmaceutical companies,” said Cyfirma CEO Kumar Ritesh, who previously served as a senior cyber official with the British foreign intelligence agency MI6.
For its part, the CCP did not comment on the matter, even though it is aware of the known ties linking the hacker group to itself.
This is not the first time that Chinese citizens have been accused of trying to steal information from laboratories that are researching the vaccine against the CCP virus.
In July 2020, the U.S. Department of Justice issued a detailed 11-count indictment against two Chinese nationals accused of conducting a hacking campaign to steal information and extort money.