Norway’s oil, gas, and defence firms have been attacked by hackers. Norway’s National Security Agency
(Nasjonal sikkerhetsmyndighet or NSM) confirmed that the details of contract negotiations along with industrial secrets had been stolen. The NSM said it was the biggest attack of its kind Norway had experienced with 10 or more businesses affected.
With an ever increasing number of cybercrimes committed, Norway is the latest victim. Several countries have lost secrets and intellectual property to cyber thieves. “It is critical that businesses have up to date security systems in place, and also clear protocol of what to do if an attack occurs. It is also key to train staff for what to look out for ” online security and cybercrime expert Tero Pollanen advised.
The attack gained access to the firms’ networks by customising emails that wouldn’t trigger anti-malware detection systems with viruses attached. According to the NSM, the emails had not only been sent to named targets at the businesses, but also designed to look like they had come from trustworthy sources.
The attack took place at a crucial time for the firms: mid negotiations for large contracts. Details stolen include passwords, user names, contracts, industrial designs, and documents. It is believed that all the information is now overseas.
Due to the similar nature of the targets, the techniques used in the attacks, the virus coding, and the way in which data was lifted, the NSM is confident that one group is responsible for all of the attacks. Furthermore, the NSM believes that there are other victims yet to come forward, and is appealing for them to come forward. In a statement the NSM said “This is the first time Norway has revealed extensive and wide computer espionage attacks”. Whilst vigilant users had picked up on the hacking and informed internal IT security staff, the NSM says it’s likely many are unaware of the attack, or that information has been stolen.