Defence Minister Carl Haglund (SFP) estimates that the attacks on his website are organised. Following the news that his website was taken down due to a data-stealing malware on Wednesday, Carl Haglund (SFP), the Minister of Defence, has revealed that his personal website has been subjected to repeated malware attacks.

Last year alone, the minister told Helsingin Sanomat, three viruses were detected on the website. “In light of today's events, it looks like it's not a coincidence. This seems organised,” Haglund viewed.

F-Secure, an anti-virus vendor, believes the virus to have originated in St. Petersburg, Russia.

Haglund estimates that his website has been targeted by malware due to his position as the cabinet minister responsible for cyber-security issues. “This is an indication of the kind of world we live in. A group or a party has probably wanted to show off their skills,” he said.

The website contains no confidential data, and the attackers seem to have left no messages or hints as to their whereabouts. Previously, the malware attacks have been detected by the service provider and once by a visitor who informed the Defence Minister of the problem through social media.

Haglund is consequently considering beefing up the security of his website. “It would probably require some sort of investments, but the page is a personal page used for campaigning and by no means essential,” the minister commented.

The Trojan malware was detected during a routine, automatic scan when F-Secure was running tests on another application. The malware was disguised as the contact page of Haglund's website and had been there since 23 January.

All of the detected malware attacks have been reported to the Finnish Communications Regulatory Authority, which co-ordinates the clean-up of contaminated websites. The authority is yet to determine the nature or intended purpose of the malware.

Esa Juntunen – HS
Aleksi Teivainen – HT
Photo: Roni Rekomaa / Lehtikuva