The indictment, which was followed by sanctions from US and UK authorities, targeted companies and individuals with links to the Chinese hacker group APT31, which is said to be part of the Chinese state apparatus, Reuters reports.
The list of victims – believed to be several million – includes American senators, British members of parliament and European members of the so-called Inter-parliamentary alliance on China (IPAC).
The email looked like a newsletter
Elisabet Lann, municipal councilor for the Christian Democrats in the city of Gothenburg, is one of the vulnerable members of IPAC. She says that this week she learned that a seemingly innocent email that landed in the inbox in 2021 turned out to be from APT31. It looked like a newsletter and she opened it.
– The email didn’t seem to contain any misinformation or anything, it felt rather bland – like spam or the like.
The hacker group may have received information about, among other things, IP address geographic location.
– It was a type of attack where they get access to information about where you are, which network you are connected to, which device you are using and which browser you have. Then, in the next step, they can choose to attack that network, which as far as I know did not happen then.
Member of Parliament Joar Forssell (L), also a member of IPAC, has also been affected, writes Expressen.
– I only found out about this when I read the press release from the American authorities, he tells the newspaper.
Finland was hit hard in 2021
In 2021, APT31 carried out extensive cyber attacks against Finnish authorities, where they successfully breached the parliament’s IT system, according to the AP news agency. The year before, the e-mail accounts of several Finnish members of parliament were exposed to attacks by APT31.