Finland confirms APT31 hackers behind 2021 parliament breach

Finland confirms APT31 hackers behind 2021 parliament breach

March 26, 2024 at 05:28PM

The Finnish Police confirmed APT31 hacking group, linked to the Chinese MSS, behind the breach of Finland’s parliament in March 2021. A joint investigation revealed offenses including espionage and violation of communication secrecy, identifying one suspect. The U.S. and the UK have sanctioned individuals and entities related to APT31’s operations. The State Department is offering rewards for information on APT31.

Meeting Takeaways:

– The Finnish Police, in collaboration with the Finnish Security and Intelligence Service and international partners, have confirmed APT31, a hacking group linked to the Chinese Ministry of State Security (MSS), as being behind a breach of the Finnish Parliament’s information systems.

– The investigation has uncovered a “complex criminal infrastructure,” and the police have identified one suspect in the case.

– The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned two APT31 operatives and a front company used by the Chinese MSS in U.S. critical infrastructure attacks. The United Kingdom also imposed sanctions on Wuhan XRZ and the two APT31 hackers.

– Additionally, the U.S. Justice Department has charged seven individuals, including two APT31 operatives, Weng Ming, Cheng Feng, Peng Yaowen, Sun Xiaohui, and Xiong Wang, for their involvement in Wuhan XRZ operations over at least 14 years.

– The U.S. State Department is offering rewards of up to $10 million for information on Wuhan XRZ and APT31, aiding in the location and apprehension of the seven Chinese MSS hackers.

APT31, also known as Zirconium and Judgment Panda, has been implicated in extensive cyber espionage operations, including the theft and repurposing of the EpMe NSA exploit.

Furthermore, the U.S. and its allies have attributed APT31 with engaging in an extensive Microsoft Exchange hacking campaign and targeting high-profile individuals associated with Joe Biden’s presidential campaign.

This comprehensive overview of the meeting notes highlights the intricate cyber activities involving APT31, the sanctions imposed, and the ongoing investigations, offering a clear understanding of the current situation.

Full Article