The Norwegian Government Security and Service Organisation (DSS) has detected a cyberattack on the ICT platform used by 12 ministries. The matter is currently being investigated by the police.
“We are taking this incident very seriously. The Norwegian Government Security and Service Organisation (DSS) is cooperating closely with the National Security Authority (NSM) and the police. They have implemented a number of measures in response to the attack and we are following the situation very closely,” said Minister of Local Government and Regional Development, Sigbjørn Gjelsvik.
“It is important to stress that the government is continuing to work as normal. DSS has initiated a number of security measures to protect the information on the affected ICT platform. Additional security measures may be required. This will be assessed on an ongoing basis,” continued Gjelsvik.
Elliott Wilkes, CTO, Advanced Cyber Defence Systems (ACDS), said “There have been a number of significant cyberattacks on Norwegian businesses and government entities over the past few years. In 2021, the Norwegian Parliament’s email systems were attacked by groups with ties to China. In 2022, a pro-Russian hacker group known as Killnet launched a denial of service (DDoS) attack against Norwegian public service websites. Later in 2022, the Norwegian PM publicly named the threat posed by Russian to Norway’s government and energy sector in particular, due to Norway’s military and humanitarian assistance in Ukraine.
“While details on the latest attack are limited, it does appear that business systems like email were affected for up to a dozen government agencies in Norway. This is yet another reminder of the urgency needed to assess and mitigate security vulnerabilities in suppliers, as this attack has been attributed to a weakness in an IT supplier. With the MOVEit attack earlier this year and countless others like the VMware attacks and SolarWinds, it is crucial that organisations regularly review the permissions and privileges granted to systems and software they use. Limiting access, relying on the principles of least privilege and just-in-time access provisioning (versus having an admin account used every day for all non-admin functions) are some of the ways businesses and government teams can mitigate risks posed by vulnerabilities in suppliers’ tools.”
Click below to share this article