Friday, November 18, 2011

APT: Norway's Critical Infrastructure Target of Ongoing Phishing Campaign

Via -

Norwegian news agencies report that several top companies have been targeted in an ongoing phishing campaign and could be one of the largest cases of data theft in the country.

Few details have been released so far but online 'Views and News from Norway' reports that 'National security unit NSM (Nasjonal sikkerhetsmyndighet) and police intelligence unit PST (Politiets sikkerhetstjeneste) believe the goal of the computer spies is to gather information on secret contracts, industrial drawings, user names and passwords' according to their source the newspaper 'Aftenposten'.

Top executives in organizations at the heart of Norway's critical infrastructure are said to have been targeted in a long running phishing attack. Malicious programs that locate and extract senstive information are thought to have entered computer systems by tricking key employees into clicking on attachments to emails sent by the data spies in a sophisticated and ongoing campaign.

None of the companies in the attacks have been named and investigations are continuing into the latest attack that happened earlier this month.


From the AP:
Data from Norway's oil and defense industries may have been stolen in what is feared to be one of the most extensive data espionage cases in the country's history, security officials said Thursday.

Industrial secrets from companies were stolen and "sent out digitally from the country," the Norwegian National Security Authority said, though it did not name any companies or institutions that were targeted.

At least 10 different attacks, mostly aimed at the oil, gas, energy and defense industries, were discovered in the past year, but the agency said it has to assume the number is much higher because many victims have yet to realize that their computers have been hacked.


The agency said in a statement that this type of data-theft was "cost-efficient" for foreign intelligence services and that "espionage over the Internet is cheap, provides good results and is low-risk." Veire would not elaborate, but said it was not clear who was behind the attacks.

The attacks often occurred when companies were negotiating large contracts, the agency said.

Related blog entries...

May 23, 2011 - Targeted Attack: Norway Army Says Faced Cyber Attack After Libya Bombing

No comments:

Post a Comment