Finnish police linked APT31 to the 2021 parliament attack

Finnish police linked APT31 to the 2021 parliament attack

Pierluigi Paganini
March 27, 2024

The Finnish Police attributed the attack against the parliament that occurred in March 2021 to the China-linked group APT31.

The Finnish Police attributed the March 2021 attack on the parliament to the China-linked group APT31. The Finnish authorities investigated multiple offenses, including aggravated espionage, aggravated unlawful access to an information system, and aggravated violation of the secrecy of communications.

According to the police, the offences were committed between autumn 2020 and early 2021. The police immediately suspected the involvement of the China-linked cyberespionage group APT31 and now confirmed the attribution. The police announced that they had also identified one suspect.

The multi-year investigation revealed a complex criminal infrastructure used by the nation-state actors, explained the Head of Investigation, Detective Chief Inspector Aku Limnéll of the National Bureau of Investigation.

“The police have previously informed that they investigate the hacking group APT31’s connections with the incident. These connections have now been confirmed by the investigation, and the police have also identified one suspect.” reads the press release published by the Finnish Police.

The investigation relied on an international information exchange, the National Bureau of Investigation collaborated with international entities and the Finnish Security and Intelligence Service

This week, the US government announced sanctions against a pair of Chinese hackers (Zhao Guangzong and Ni Gaobin), alleged members of the China-linked APT31 group, who are responsible for “malicious cyber operations targeting U.S. entities that operate within U.S. critical infrastructure sectors.”

The U.S. Treasury Department has sanctioned a tech company based in Wuhan, the Wuhan Xiaoruizhi Science and Technology Company, Limited (Wuhan XRZ), used by the Chinese Ministry of State Security (MSS) as a front in attacks against organizations in the U.S. critical infrastructure sector.

UK, Australia and New Zealand are also accusing China-linked APT31 of cyber operations against UK institutions and parliamentarians.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, APT31)

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts