Norway’s police intelligence unit PST suspects that a “serious” hacking attack on the computer systems of the country’s largest regional health care agency was carried out on behalf of a foreign state. The January 8 attack on Helse Sør-Øst may have put the health care files for more than 2 million Norwegians at risk.
“This is a serious situation,” said new Justice Minister Sylvi Listhaug on Thursday, just a day after taking on her new role after this week’s major government reshuffle. She and government colleague Bent Høie, Norway’s health minister, called a press briefing late Thursday afternoon to reveal what they could about the attack.
“So far it doesn’t look like it has affected patient security, patient treatment or patients’ electronic health files, but we can’t rule out the last,” Høie said. He said the case had the highest priority, and that “all available resources” were being poured into investigating the attack and the extent of damage. “This will take some time,” Høie added.
‘Advanced and professional’ attack
PST has said they don’t know who’s behind the attack, which was discovered by Sykehuspartner, the company responsible for all of the state-owned Helse Sør-Øst’s computer systems. The regional public health agency for southeastern Norway covers all hospitals and health care records for around 2.8 million residents of Østfold, Akershus, Oslo, Hedmark, Oppland, Buskerud, Vestfold, Telemark and the Agder counties.
It was on Monday January 8th that Sykehuspartner registered “abnormal activity” against Helse Sør-Øst’s systems all over the southeastern region. Helse Sør-Øst was informed immediately and efforts were made to halt the intrusion. The abnormal activity was described as being “quite advanced and professional.”
“This type of activity shows that we must work constantly with computer security,” Høie told reporters. “Helse Sør-Øst has earlier acknowledged that they have had an information technology system that hasn’t been good enough.”
Working to ‘limit the consequences’
It remained unclear why the investigation so far indicates hackers working for a foreign state. “This is a serious situation and measures have been made to limit the consequences,” Listhaug said. “It’s serious that someone manages to break into our system.”
She wouldn’t say who or which state may be behind the attack. “This case is under investigation, so I can’t comment,” Listhaug said. PST is investigating the case, however, as a possible violation of Norwegian law involving espionage against state secrets.
“There is a suspicion that someone, on behalf of a foreign state, is gathering information that, if it becomes known for such a a state or can be revealed, can damage fundamental national interests regarding state infrastructure,” Line Nyvoll Nygaard, prosecutor for PST, said earlier in the week. “That can include information about health care preparedness.”