‘Fancy Bear’ also growls at Norway

The same group of hackers that intelligence officials believe swung the US election in favour of Donald Trump has also attacked Norwegian targets within the military and foreign service. Called “Fancy Bear,” computer security experts believe Russia is behind the hacking that’s aimed at political manipulation and destablization of western democracies.

Norway’s foreign ministry has been among the targets of hackers, also abroad. PHOTO: newsinenglish.no

Tom Finney of Secureworks, a computer security organization owned by Dell Corporation, told newspaper Dagens Næringsliv (DN) over the weekend that Norwegian military attachés stationed in Eastern Europe and a Norwegian diplomatic mission in Central Asia are among targets that have been hacked. Cyber defense has been enhanced as Norway heads into national elections of its own later this year.

Norway’s own cyber defense unit (Cyberforsvaret) confirmed Secureworks’ information and said it had responded. It wouldn’t comment on who was behind the attacks, but DN reported that the attacks have “clear” ties to Russian interests: Secureworks, which has thousands of clients in 58 countries,  has no doubt that the same group that attacked the Democratic Party in the US   has also targeted Norwegian interests along with many others.

“That’s right, it’s the cyber group popularly known as ‘Fancy Bear,'” Tom Finney of Secureworks told DN. Its so-called “signature” has also been tied to attacks on other European countries gearing up for elections, including Germany and France.

Long list of targets
DN reported that the list of targets is long, including embassies and ministries in more than 40 countries, several NATO and EU institutions, political and military leaders, well-known journalists, activists and academics. Most haven’t been aware they were attacked when they clicked on links in email that seemed to come from people they knew. The attacks enabled the hackers to steal confidential information by penetrating email accounts and internal systems. The attacks in Norway only make up 2 percent of attacks on military and political institutions, DN reported, but local authorities are on high alert for more.

The US’ FBI, CIA and NSA have all described the attacks as the largest Russian attempt to gain influence in the US ever. Russian authorities from President Vladimir Putin’s office on down have vigorously denied they’re behind the hacking. Intelligence agencies all over Europe nonetheless fear Russia will try to sway elections in other countries as well, not least by attempting to discredit democratic leaders.

Norwegian authorities are reluctant to point the finger at Russia, with which the country shares a border. “What we can say is that there are attempts at penetrating our defense data systems, some veldig amateurish, others more advanced,” Knut Helge Grandhagen, communications chief for Cyberforsvaret, told DN. The attacks, Grandhagen said, “are of such a type that it’s reasonable to assume a national state is behind them, because of their complexity and the amount of resources used to mount them. We won’t mention specific nations. That’s up to political leaders and PST (Norway police intelligence unit) to comment on.”

Martin Bernsen, senior adviser at PST, confirmed that PST has seen Russian activity directed at political organizations and the military, both “classic targets,” he said, and PST has previously identified Russia as posing a threat again Norway. What’s new, he added, is the vast scale of the activity.

Political parties attacked, too
In addition to the attacks on foreign ministry and military interests, email accounts at Norway’s Greens Party (Miljøpartiet De Grønne, MDG) were hacked last June and the attacker gained access to the party’s membership register. A few weeks later, Norway’s Socialist Left party (SV) was also attacked, with the hackers gaining access to SV’s membership register as well. A false profile was established ono the party’s internal debate forum. Both attacks remain under investigation, according to the Oslo Police District.

“It can seem that security is not good enough,” Grandhagen told DN, but it’s demanding and expensive for such organizations to fend off the hackers. Norwegian political parties aren’t required by law to test their data systems for possible penetration.

“Information that should not or must never come out should never be sent via Hotmail or email that’s not classified,” Bernsen said.

newsinenglish.no/Nina Berglund