Norway’s defense industry, technology firms and state agencies were all the regular targets of computer spying attacks last year, according to the state national security authority. In a new report being released on Tuesday, the authority reveals that such targeted attacks have doubled just in the last two years.
The Norwegian National Security Authority (Nasjonal sikkerhetsmyndighet, NSM) has been sounding the alarms over computer spying for years and now reports that attacks by computer hackers have become daily events that can be the result of years of planning.
Several of Norway’s largest companies including telecommunications giant Telenor and weapons producer Nammo are also being more open about how they’re fending off attacks almost on a daily basis.
Attacked ‘all the time’
“The attacks occur all the time and they’re increasing,” Hanne Tangen Nilsen, security director for Telenor Norge, told newspaper Dagsavisen. Both Dagsavisen and business daily Dagens Næringsliv (DN) featured major stories about the new wave of hacking attacks on their front pages on Tuesday.
Nilsen said there’s “a wide range of players behind this,” from foreign governments and “well-organized criminals” with large resources at their disposal, to those “who just do this to show off and demonstrate that they have the competence” to worm their way into their targets’ computer systems.
“The threat level is changing continuously, and we know that the criminal networks have become better-organized,” she told Dagsavisen. “Their capacity is also greater, their competence is better and they hide themselves behind those who have hired their services.”
Many motives, links to China
The hackers’ motives, meanwhile, can range from irritated customers wanting to prod Telenor into changing some sort of function, “to those with political and economic goals,” Nilsen said.
Ole Ingarth Karlsen, chief of information technology at weapons producer Nammo in Raufoss, is also among Norway’s high-tech companies that finds itself under attack on the Internet. He said that Nammo “has reason to be suspicious” about computer spying attempts “every day,” while “we’ve seen the more advanced and targeted attacks every month for the past three months.”
Asked what the hackers are targeting, Karlsen said their suspicions suggest it’s “information related to product development and testing.” Asked who was behind the spying, Karlsen told Dagsavisen: “It often difficult to prove this exactly, but several of the more targeted attempts we’ve discovered come from Chinese computer addresses.”
Key systems at risk
NSM officials warn that Norway, as a wealthy energy-producing nation, is a popular target and that key systems are at risk, not least the key control systems for such services as power production for lights and heating that recently have been connected to the Internet. Sabotage of national infrastructure is a constant worry, according to the NSM, as is national and industrial espionage.
“If someone is out to get confidential information, they’ll be very goal-oriented and determined,” said Kjetil Berg Veire, information chief at NSM. “They also want to know which people are sitting on such information. Their user names and passwords are valuable.”
He and his colleagues at NSM continue to urge state, business and industrial officials to take the hacking risks more seriously, boost protection of their computer systems and instill a culture of security among employees. “We understand that such measures can take time, but this is important work,” Veire said. Meanwhile, NSM remains dissatisfied with current levels of the public and private sector’s ability to fend off spying, sabotage and terrorism.