The Storting representatives lacked security tools. This made the data breach possible.




PST believes that the data breach against the Storting could have been prevented if the representatives had used a secure login.

The Storting reported the data breach to the police on September 1. Since then, the Police Security Service has carried out an intensive investigation. Photo: Gorm Kallestad / NTB

On Tuesday, it emerged that the Police Security Service (PST) believes that a Russian cybercriminal is behind the data breach against the Storting. The actor is linked to the Russian military intelligence service GRU in Moscow.

PST has also concluded that common security tools such as two-factor authentication, configuration and more could have prevented the theft. The representatives who were hacked had not used them.

“Weak passwords for accounts used both at work and in a private context expose both individuals and the Storting as a parliamentary institution,” PST writes in a press release.


Did not use security tools

The PST investigation shows that the Russian actor used a technique called password brute-forcing to obtain a valid username and password. It involves trying all possible password combinations until one finally guesses the correct one.

This technique was used against a large number of user accounts in the Storting’s email systems. In this way, the actor managed to log into a small number of email accounts at the Storting and retrieve sensitive content from some of them.

The data breach shows that normal security mechanisms have failed, according to PST police attorney Anne Karoline Bakken Staff.

– Where you have managed to get in, it is because two-factor authentication has been disabled or enabled for simple configurations. If it had been on, the network operation could have been prevented, she says.

Anne Karoline Bakken Staff from PST. Photo: Ole Berg-Rusten / NTB scanpix

Two-factor authentication is a login method used to protect your account in the event that someone steals your password. It involves logging into your account through two steps: first through a password, and then through another tool, like your phone.

The Storting representatives who were hacked had not used this type of secure login. It’s concerning, says Vidar Sandland, a cyber expert and senior advisor to the Norwegian Center for Information Security (NorSIS).

– There is always a certain risk that usernames and passwords will be lost one way or another. Therefore, one more factor must be taken, which secures the login. This case is an example of how serious it can be if security mechanisms are not used, he says.

Sandland believes that the Storting should establish such security mechanisms as a requirement for all its users.

– When it comes to elected representatives sitting on important and sensitive information, it should be a requirement that they also make sure to protect it, he says.

Storting Director Marianne Andreassen will report on the cyber attacks against the Storting on Tuesday. Photo: Terje Pedersen / NTB

Secure login will be required

IT security at the Storting is generally good, says Storting Director Marianne Andreassen. After the IT attack in August, it has been stepped up further, she says. This includes requirements for the use of stronger passwords and the introduction of two-factor authentication on various services.

– Just during the New Year, two-factor authentication was also introduced throughout the email solution. Then it becomes a requirement that all users must use it, says Andreassen.

In any case, these cyber attacks are difficult to prevent, according to PST police attorney Anne Karoline Bakken Staff.

– We will be constantly exposed to cyber operations like this throughout society. That is why we must always be prepared, she says.