Norway's Energy Sector Torn Open By Trojan Attack
Country's security agency describes attack as "very serious"
By John E Dunn
November 19, 2011 — CSO — Norway's energy sector appears to have been hit by a "very serious" targeted attack in which large amounts of highly sensitive data were lost from some of the country's most important companies.
What is being described by news sources in the country has the hallmarks of a typical, industrial attack in which custom Trojans gets behind a company's security defences using social engineering emails directed to named individuals.
What has unsettled Norway's National security agency (NSM), which has been investigating the matter, is the length of time the malware appears to have been operating without detection and the sheer scale of the attack.
With a large number of oil, gas and even defence companies reportedly involved - none of which have been named - data stolen is said to include industrial drawings, user names and passwords and contacts.
"The attacks are, in method and technology, very advanced," NSM official Eiliv Ofigsb told Norwegian newspaper Aftenposten. "We were surprised when we began with an analysis of several different attacks and discovered the similarities among them."
"The last reported incident occurred this month and we're still working on it," Ofigsb said.
Norway's economy is heavily dependent on its oil and gas industries, which has made it one of the wealthiest countries in the world and kept afloat a relatively high state spending.
The attacks are not the first to hit Norway in recent times. In 2010 the NSM reported similar attacks on industrial control systems used in the country's oil and gas sector without specifying the companies involved. The new attacks are believed to be on an even larger scale.
The country's military also reported a serious attempted incursion on 25 March this year. Officially, no data was lost during this incident but it clearly left senior officials shaken that a country that considers itself on the fringes of political controversy should find itself under attack.
Read more about data protection in CSOonline's Data Protection section.