Cyber Incident Victim: Stortinget
Date:
Mar 2021
Location:
Norway
Summary
Hackers infiltrated the Norwegian Parliament's computer systems, exploiting a vulnerability in Microsoft Exchange software to extract data. This breach occurred approximately six months after a prior cyberattack against the legislative body, with officials characterizing the incident as part of an international cybersecurity crisis involving the same software flaws. Security researchers identified at least ten distinct hacking groups actively weaponizing these vulnerabilities globally, amplifying concerns about widespread exploitation. The incident underscored systemic risks associated with the compromised email server infrastructure, prompting coordinated warnings from European and U.S. authorities regarding the critical nature of the threat.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On March 10, 2021, Norwegian officials disclosed that hackers had successfully infiltrated the Norwegian Parliament’s computer systems and extracted data. This incident occurred approximately six months after a previous cyber attack against the same institution had been made public. The parliament attributed the breach to a vulnerability in Microsoft’s Exchange Server software, characterizing the exploit as part of an "international problem" affecting multiple organizations globally. While the attackers remained unidentified, the intrusion demonstrated continued targeting of Norway’s legislative infrastructure following the earlier compromise. The disclosure coincided with heightened global alerts regarding widespread exploitation of vulnerabilities in Microsoft’s email server software.
Cybersecurity firm ESET reported that at least 10 distinct hacking groups were actively leveraging the Microsoft Exchange vulnerabilities to compromise targets worldwide, amplifying concerns raised by U.S. and European authorities. The Norwegian Parliament incident exemplified the rapid weaponization of these software flaws across geopolitical boundaries. Although the specific scope of data exfiltrated from Norway’s systems was not detailed, the breach underscored persistent security challenges facing governmental entities. The parliament’s public linking of the attack to the Exchange vulnerabilities aligned with international efforts to highlight the critical nature of these exploits. No additional technical specifics regarding containment measures or operational disruptions within the parliamentary systems were disclosed in the immediate aftermath.