Norway blames China for hacking of parliament email account, says 'should not repeated'

The Norwegian government on July 19 formally attributed the hacking of its email accounts associated with the country’s parliament to Chinese hackers participating in the exploitation of vulnerabilities on Microsoft’s Exchange Server. The Norwegian Parliament, also called the Storting, said in March that its email systems were breached as part of the Microsoft Exchange Server incident. In a statement on Monday, Norwegian Foreign Minister Ine Eriksen Soreide said, “This was a very serious incident affecting our most important democratic institution.”

Soreide said, “Following a detailed intelligence assessment, it is our view that the vulnerabilities have been exploited by actors operating out of China. Several of our allies, the EU, and Microsoft have also confirmed this.”

“We expect China to take this issue seriously, and to ensure that such incidents are not repeated,” she added.

Norwegian Foreign Minister also confirmed that the Storting was a victim of the exploitation and added that the Chinese Embassy had been contacted in order to 'raise the issue directly'. She said, “Allowing such malicious cyber activities to take place is in contradiction to the norms of responsible state behaviour endorsed by all UN Member States. Today, we have called in the Chinese Embassy and raised the issue directly.”

US and allies on Microsoft Exchange hack

The Norwegian government blaming the China-based hackers came just a day after the United States along with its western allies formally blamed China for a massive hack of the Microsoft Exchange email server software. The officials also emphasised that the criminal hackers associated with the Chinese government have carried out ransomware and other illicit cyber operations. However, the announcements were not accompanied by sanctions against the Chinese government. The move underlined the ongoing threat from Chinese hackers despite US President Joe Biden's administration being on constant alert of ransomware attacks based in Russia. 

In a statement, EU Foreign Policy Chief Josep Borrell said that the hacking was 'conducted from the territory of China for the purpose of intellectual property theft and espionage'. Meanwhile, UK Foreign Secretary Dominic Raab said that the Microsoft Exchange cyberattack 'by Chinese state-backed groups was a reckless but familiar pattern of behaviour'. Additionally, in the first public condemnation of China, NATO called on Beijing to adhere to international commitments and obligations 'and to act responsibly in the international system, including in cyberspace'.

IMAGE: AP/Unsplash