Security News > 2021 > March > Å nei! Norway's Stortinget struck by Microsoft Exchange malware

The exploit at a democratic institution such as Stortinget is certainly ominous, perhaps more so than the woes in recent days of organisations such as the European Banking Authority.
Stortinget president Tone Wilhelmsen Trøen said: "The attack we are facing shows that IT attacks can have serious consequences for democratic processes at worst."
Located in Oslo, Stortinget is the supreme legislature of Norway and consists of 169 seats.
The accusation was deemed "Groundless" by Konstantin Kosachev, head of the Russian Federation Council's Committee on Foreign Affairs, according to the Russian News Agency, TASS. Stortinget is not connecting that breach with the recent exploiting of vulnerabilities in Microsoft's Exchange Server, made public last week.
Security researcher Brian Krebs recently posted that "At least" 30,000 US organisations could have been hacked thanks to the flaws, which allowed hackers to leave backdoors in exposed Exchange Servers.
Stortinget is sadly unlikely to be the last organisation to go public on a compromise of Microsoft Exchange.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/03/11/stortinget_attack/
Related news
- Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware (source)
- Microsoft admits GitHub hosted malware that infected almost a million devices (source)
- Microsoft: New RAT malware used for crypto theft, reconnaissance (source)
- Microsoft Exchange Online outage affects Outlook web users (source)
- Microsoft: Exchange Online bug mistakenly quarantines user emails (source)
- Microsoft Trust Signing service abused to code-sign malware (source)
- Microsoft Trusted Signing service abused to code-sign malware (source)
- New Android malware uses Microsoft’s .NET MAUI to evade detection (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)