Top government officials in Norway have continued to send out high-level communication of classified information over insecure computer lines, reports newspaper Aftenposten. That’s opened the possibility that foreign spies or computer criminals can gain access to the information.
Now the government is under more pressure to tighten the holes in its communication systems, after Norway’s National Security Authority (Nasjonal sikkerhetsmyndighet, NSM) uncovered serious deficiencies in compliance with security laws. The NSM earlier has warned of cyber attacks, while intelligence officials have claimed there’s at least as much if not more spying going on in Norway now than during the Cold War.
NSM conducted a review this fall of spying attempts and cyber attacks on Norway, and found that 11.33 percent of them originated from servers and IP-addresses in the US and 11.01 percent in Russia. Another 8.38 percent came from Brazil followed by 6.54 percent from Taiwan. Next came China, with 4.73 percent, followed by Italy, Romania, Germany, Poland and France. The remaining 41.9 percent of the attempts to infiltrate Norwegian government networks came from IP-addresses spread around the world.
Authorities not pleased
NSM officials conducted an inspection this fall of the state agency (Departementenes servicesenter, DSS) that runs the communications systems for 13 ministers in the government. They weren’t pleased, reports Aftenposten, and ordered improvements.
In June, for example, information on keys and access to protected areas within the government complex in downtown Oslo was sent over open lines. Concerns about terror targets and security levels around Norwegian oil installations in the North Sea was also sent over a network not set up to handle classified information.
A classified evaluation of security threats was sent to Education Minister Kristin Halvorsen in August, as were classified evaluations of security levels around a major oil conference held in Stavanger.
In October, details around the security of state budget documents were also sent over open lines, along with the names of security personnel assigned to Prime Minister Jens Stoltenberg and other government ministers.
Systems lacking
A major problem is that most ministries lack a secure network to handle classified information. Some information, meanwhile, is classified unnecessarily, leading to potentially bad habits in transmission of all information.
Inger-Anne Ravlum, state secretary in the ministry responsible for computer communications (Fornyings- og administrasjonsdepartement) said it was “unfortunate” when the NSM uncovers deficiencies so severe that they need to issue orders for improvement. “DSS must make corrections in line with the order,” Ravlum told Aftenposten.
It’s not just the computer systems that are being criticized, either. Audits have revealed that persons without security clearance have had access to classified information, that classified documents have been handled and stored insecurely and that internal distribution of classified documents is often poorly controlled.
DSS director Ivar Gammelmo has earlier claimed security was good, but now told Aftenposten that DSS is taking the NSM’s order seriously and improvements are underway. NSM, meanwhile, has recently completed another audit but couldn’t reveal any results.
Views and News from Norway/Nina Berglund
Join our Forum if you’d like to comment on this story.
