During the past week, the Norwegian parliament experienced a cyber-attack and some elected members’ email accounts, as well as officials, were compromised, the national assembly and a counter-intelligence agency said on September 1.
In a press release, Stortinget director Marianne Andreassen said the hackers breached email accounts of elected officials and employees and stole different quantities of information.
Andreassen said the incident is under investigation at the moment, and so they couldn’t provide further information such as who was behind the attack or how many numbers of accounts compromised. The Norwegian National Security Authority (NSA) was called in after the incident was discovered to tackle the attack and to find more information about the attack.
The incident is currently being investigated by Norway’s intelligence service and Stortinget has already begun to alert the affected members and employees about it.
According to the local press, who first broke the news of the attacks, it was also reported that the IT workers of the parliament shut down their email service to prevent the hackers from obtaining further data.
Andreassen said the parliament had found a few irregularities about a week earlier. They have introduced several urgent risk-reducing steps to halt the attack. He added that the effect of those measures was immediate. It did not reveal specifics of what kind of cyber-attack was used against the Norwegian parliament or who was responsible for it.
Incident response: Steps taken by the Government of Norway
The Norwegian Parliament Storting had told the Norwegian National Security Authority (NSA) of the cyber-attack incident. On 1 September 2020 an official complaint was also lodged.
The complaint included evidence of the classified information theft, unauthorized access to parliament members’ email accounts, to assist police in carrying out further inquiries. Leaks by an opposition party spokesman indicated that the Cyber-attack was also conducted on a few Labour Party representatives. Detailed information is yet to be discovered on the hackers’ action plan, purpose of the attack, motive, etc. In the press release Director Marianne said, the last week during which the hackers initiated the attack a significant amount of irregularities in login were reported. Marianne explained that the full scope of the cyber-attack and the amount of data accessed are yet to be enlightened. The suspects are yet to be found as a thorough investigation is under way.
The NSA has been working closely with the Norwegian Government to assist them with the incident response protocol, so that there is no repeat of such an occurrence. A tweet was posted online by the Norwegian Police Security Service, claiming that they will take over the cyber-attack investigation until they receive the same official police report.
Parliamentary Members Hit by Cyber-attack
Reports have confirmed that the cyber-attack has targeted Conservative Party members in Norway. The Conservative Party is the coalition government of Norway’s ruling party. But the names of the exact party members whose email addresses were compromised have not yet been released.
In addition, the attack had also targeted members and staff of the largest opposition party, the Labour Party. Government has yet to confirm the specifics on the hacked documents.
Manage Cyber Threats with a Team of Threat Intelligence Services
Cybercriminals are continuing to refine their methods of targeting to outsmart defence teams. However, a recent study found that an average of 87 per cent of attacks could be avoided by organizations. Preventing breaches effectively allows a security team to rapidly identify new attack vectors, detect new threat tactics and respond to a changing threat environment.
To identify new threats effectively, companies need to use a variety of sources, as well as novel detection techniques. Today’s companies are increasingly relying on machine learning and artificial intelligence technology to recognize anomalous activity and to detect and prevent previously unseen zero-day exploits. They use detection systems that absorb a wide range of intelligence and operational data about risks, run regressions and simulations, and generate high-quality signals that suggest an anomaly for further investigation.
As well as using machine learning for threat detection, powerful intelligence teams are proactively searching for malicious activity in the organization’s infrastructure. They also scour the Internet, social media and the dark web for stolen data and information about key executives and business operations that could be used for social engineering, spear phishing, or scams. The Mitre Attack System as a guide offers awareness of common strategies utilized by adversaries.
Why opt Teceze as your Security Service?
Large companies sometimes employ in-house cybersecurity specialists to handle certain complex services (including penetration testing, a security operations centre, threat hunting etc.). Smaller businesses mostly outsource those services to a managed security service provider. Savvy companies do their due diligence when considering outsourcing of security services, partner with reliable service providers and develop comprehensive service level agreements.
A three-pronged approach will help minimize the risks for your business when handling cyber threats.
- 1. Prevent –
Preventive measures continue to change constantly, from the security protocols and awareness programme of an enterprise to the practical use of technology teams for access controls. Preventive measures continue to change constantly, from the security protocols and awareness programme of an enterprise to the practical use of technology teams for access controls.
- 2. Detect –
It is important that adequate controls are selected and implemented for the timely identification and notification of compromises. Strong groups track sensitive properties.
- 3. Respond –
Detection without response is meaningless. Successful organizations respond to security incidents in a timely manner to minimize the business impact.
During the past week, the Norwegian parliament experienced a cyber-attack and some elected members’ email accounts, as well as officials, were compromised, the national assembly and a counter-intelligence agency said on September 1.