On March 25 this year a massive and targeted cyber attack was launched against the Norwegian Military Forces – Forsvaret – according several Norwegian news sources. It is being described as one of the most serious so far. Local experts fear more attacks, capable of paralyzing the entire Norwegian economy.
It is likely that important computer systems are infected, and that information has been lost.
On March 25, hundreds of emails was sent to high-ranking officers in the Norwegian military – Forsvaret. The message was disguised as a regular message from the public directorate, written in perfect Norwegian, with an innocent looking file attached. One person opened the file – and the fight was on.
According to the military spokespersons, the computer where the infected file was activated did not contain any classified information. The attack was discovered and stopped before any sensitive or confidetial information was stolen.
But some data was stolen. It is still unknown how much, and what, information that has been stolen, says Major Ivar Kjaerem at the Military Center for Protection of Critical Information, according the newspaper VG.
And I presume its gonna stay that way…
Cyber attack against Norway have become more like an online game, specially after last years Peace Prize award.
The Norwegian oil installations in the North Sea was also among the first to detect infections by the Stuxnet worm.
But this one is almost as special as the Stuxnet.
First of all: It seems to have been very well planned, organized and executed. Almost with a military precision.
Secondly: The attackers did already posess detailed information about the Norwegian military as they were able to target between 200 and 300 high-ranking and influential officers.
And third: I happens the day after Norwegian Air Forces has their first raid over Libya.
When it comes to the last point, no one can say for sure if there is any connection or not.
However, the incident has surely scared the Norwegian military who characterize it as one of the most serious cyber attacks so far.
And the military spokesman seem to suddenly have realized that we ain’t seen nothing, yet.
I belive it is some kind of recognition mission, an attempt to map our systems and possible vulnerabilities, Major Kjaerem says, indicating the expectation of new attacks.
And, of course, the military spokesman underline that they managed to stop this one, and the possibility of anyone penetration the Norwegian military’s security system is very low.
Here’s come the part when I have trouble not laughing…
So, they managed to stop the attack? Our brave soliders? Well, this is what really happened:
The email was received on a Friday afternoon. But some hyperactive warlord decided to pop by the office on Saturday, just to check if we’ve had hit Gaddafi and check the mail and stuff, You know.
What happens next is described by the newspaper VG as follows:
The sender, who was named in the email, did not exist, and it was the aware receiver who raised the alarm because it was something else attached to the email than the annual report from the Directorate. The attachment behaved strangely, and the person became suspicions.
Well done! boys and girls.
Quite frankly, I’m speechless…
Anyway – last year the Norwegian National Security Authority warned against the threats from cyberspace in their recent 2010 report.
The report states:
It is likely that important computer systems are infected, and that information has been lost.
We we regard it as a very serious matter when the Norwegian military gets attacked like this, says spokesman Kjetil Veire with the National Security Authority.
Adding: When it comes to infected computers, we fear there is a large dark zone. What we have seen here might just be the tip of an iceberg.
No kidding!
But finally security expert at the company Steria, Stein Moellerstad, put the closet in the right corner:
The number of attacks against the Norwegian military will increase. And they can cause more serious damage because the flow of information through the internet has become so huge that both the military and the rest of the public administration has partly lost control.
According to the National Security Authority 2010 report, are cyber attacks capable of paralyzing the entire Norwegian economy in a worst case scenario.
So, now the speculations about who might be behind this are running totally wild.
Local experts say that only about 10 nations in world is capable of launching an attack as this.
That’s bullshit.
Anyone with above average computer skills with a coup;e of buddies to help with the actual launch could do this.
The suspects are millions.
In my mind the most interesting question is: Why Norway?
I mean, we haven’t got much oil left, we’ve sold it all. The same goes for the technology. In other words – not much to spy on.
I assume the NATO material is under a special NATO security facility.
And our famous Oil Fund? Well, we impulsively bought Greek debt for about one billion USD. Perhaps we shouldn’t, but that Greek prime minister look so nice.
The rest is probably gone in a few years anyway as the government will have to pay for all its promises, specially within the health care sector.
It means we don’t have that much money, either.
In fact, I can only see one logical reason to Norway being targeted in this scale:
The European Commission and the External Action Service have been hit by a major cyber attack ahead of a key EU summit where crucial decisions on the future structure of the bloc, countries’ economic strategies and the ongoing war in Libya are to be discussed, according to news reports.
“We’re regularly hit by cyber attacks, but this one’s a big one.”
An internal email seen by the EUobserver.com and sent to all staff warned: “We have found evidence that both the commission and EEAS are the subject of an ongoing widespread cyber attack.”
The commission will not comment on the nature of the attacks due to security concerns, but has confirmed the institutions are indeed the focus of a serious strike.
Meanwhile officials are comparing the attack to an assault on the French finance ministry last year ahead of a G20 meeting.
“We’re regularly hit by cyber attacks, but this one’s a big one,” an EU source familiar with the matter that did not want to be named says.
The commission is currently attempting to assess the scale of the threat underway and in order to prevent the “disclosure of unauthorised information”, and has shut down external access to email and the institutions’ intranet.
All staff have been asked to change their passwords and to send sensitive information via secure email.
One EU source suggested the attack was similar to the massive assault which bombarded the French finance ministry last last year and was described by budget minister François Baroin as “spectacular”.
The authors of the attack had been particularly interested in files on the G20 summit held in Paris in February.
At the time, Patrick Pailloux, the head of France’s National Agency for Information Systems Security described the attack as “pure espionage … one of the most important attacks, if not the most important, ever to target the public administration.”
Some 150 computers were affected. French officials also suggested that some of the information was redirected to Chinese sites.
An EU source suggested that in this case too, China may be among the suspects.
“This is an important summit in many ways. There are people who want to know what the different positions are in what’s being discussed.”
In the attack on Brussels officials are publicly refusing to discuss the scale of the attack or its source.
“We are not speculating on the origin,” EU institutional affairs spokesman Anthony Gravali tells the EUobserver.com.
It is thought to be the first such attack on the External Action Service, although Gravali was keen to downplay this record.
“It’s difficult to say whether this is the first one. So much of the EAS is still technically DG Relex [the external relations department of the commission, the precursor of the EAS],” he says.
The Econotwist’s have been warning about this since last summer when the mysterious Stuxnet worm was discovered at several critical energy and water supply facilities around the world. However, research by Symantec have later reveled that 60% of the infections are found inside Iranian borders. The threat from cyber space has risen to the top of the list over potential global risks in 2011, alongside pandemic diseases and terrorism. The internet, once seen as the solution to all of mans problems, have instead become one of the most severe threats to all of us.
“The primary involvement of states in cyber security, as both protagonists and principal targets, fundamentally changes the nature of the risk.”
By the end of 2010 McAfee Security counted 60.000 new pieces of malicious software being released on the internet every day, the hacker attacks on Java platforms (used in practically every security system, including online banks and the Pentagon) rose by 1.200% last year, and for the first time ever the value of theft of digital assets exceeded the theft of physical assets. And for Stuxnet; that’s only the beginning.
More than 100 foreign intelligence organizations are trying to break into US networks, Deputy Defense Secretary William Lynn wrote in the September/October issue of the journal Foreign Affairs. Some already have the capacity to disrupt U.S. information infrastructure, he says.
The US government’s main code-making and code-cracking agency now works on the assumption that foes may have pierced even the most sensitive national security computer networks under its guard, Reuters reports.
“There’s no such thing as ‘secure’ any more,” Debora Plunkett of the National Security Agency said last month, amid US anger and embarrassment over disclosure of sensitive diplomatic cables by the web site WikiLeaks.
“The most sophisticated adversaries are going to go unnoticed on our networks,” she said.
Plunkett heads the NSA’s Information Assurance Directorate, which is responsible for protecting national security information and networks from the foxhole to the White House.
“We have to build our systems on the assumption that adversaries will get in,” she told a cyber security forum sponsored by the Atlantic and Government Executive media organizations.
The United States can’t put its trust “in different components of the system that might have already been violated,” Plunkett added in a rare public airing of NSA’s view on the issue.
“We have to, again, assume that all the components of our system are not safe, and make sure we’re adjusting accordingly.”
The NSA must constantly fine tune its approach, she said, adding that there was no such thing as a “static state of security.”
And the US is not the only nation struggling to keep its sensitive data safe.
According to Iain Lobban, head of GCHQ, the UK’s core infrastructure is under constant attack. He says thousands of targeted emails are hitting the systems every month, planting worms that cause “significant disruptions.”
Mr. Lobban’s claims are supported in a national security report, naming cyber attacks as a top threat to the UK, alongside pandemic diseases and terrorism, according to the PC Pro Magazine.
A Global Threat
“Cyberspace is contested every day, every hour, every minute and every second,” the British security expert says.
The international risk analysis company Eurasia Group put cyber security at number 3 amongst the top 10 risks of 2011.
“For the past decade, increasingly technologically capable hackers and organized crime organizations have elevated cyber security as a business risk, but not as a political risk. The centralization of data networks, both in energy distribution (the move to the smart grid) and information technology more broadly (the shift to cloud computing) are now metastasizing the cyber risk, and governments are becoming more directly and actively involved in playing both offense and defense in cyberspace. The primary involvement of states in cyber security, as both protagonists and principal targets, fundamentally changes the nature of the risk. The new roles of governments and their antagonists bring geopolitics and cyber security together in three different ways,”Eurasia writes.
(Link to full report below).
Java Systems Under Heavy Fire
One of the main components in practically every security system today is the Java platform, produced by Oracle.
So it’s no wonder that attacks on the Java system increased by more than thousand percent in 2010.
“The number of attacks against flaws in Java has jumped by 1.000% – even outstripping attacks against vulnerabilities in Adobe PDF’s,” Microsoft says.
The attacks against Java code – not the Java script – rose from 500.000 at the beginning of last year to about 6 million in the last quarter of 2010.
Even if Oracle have manged to patch the vulnerabilities in Java, the have the same problem as Adobe – people forget to update their software.
And on top of that; Java is a piece of software that’s used in almost everything, it runs in the background, making more visible components work, PC Pro Magazine points out.
“How do you know if you have Java installed, or if it is running?” researcher at Microsoft Malware Protection, Holly Stewart rightfully asks.
(If you want to know more about Java, click the link below.)
1 in 3 Companies Exposed To Data Theft
According to the latest issue of Kroll Annual Global Fraud Report, suggest that the theft of digital assets has overtaken that of physical stock for the first time ever in 2010.
A Survey, conducted in cooperation with the Economist Intelligence Unit, indicates that the numbers of companies reporting theft of information has risen sharply – from 18% to 27,3% – in 2010.
“There’s a growing awareness among thieves of the intrinsic value of intellectual property,” Kroll vice president, Robert Brenner explains.
The survey also suggest that 88% of the participating companies had been victim of some kind of fraud over the past year, nearly half of them are now fearful of expanding globally because of the cyber threat.
The experts emphasize that the numbers probably not are 100% accurate.
However, the message is pretty clear.
(Download the report below)
The Most Scary Thing
I guess most of you have heard about the Stuxnet worm/virus/malware in the news by now, and are familiar with the speculations that the extremely sophisticated malware might be some kind of cyber weapon, developed by government related scientists somewhere.
I sounds like a plot in James Bond movie – but the truth might be even more vicious.
Davey Winder
According to experts is not unlikely to be a prototype of the first ever cyber-weapon-of-mass-destruction.
Davey Winder, award-winning journalist, business consultant and security expert, explains:
“So what do we know about Stuxnet and the SCADA (Supervisory Control and Data Acquisition) systems? Well, we know that Stuxnet is designed to be disseminated via USB sticks, and that it was developed to exploit specific zero-day vulnerabilities in the Windows operating system. To expand on that a little, Stuxnet actually exploits no fewer than four zero-day Windows vulnerabilities, a statement that alone should set the hair on the back of any security analyst’s neck prickling. Zero-day vulnerabilities are extremely valuable to the shady world of both hackers – where a zero-day is a kudos-generating device – and to criminals where zero-day equals pay-day. It’s relatively rare to see a single exploit being used in a piece of malware, and totally unheard of to see four expended in such a way.”
“Ask yourself, why would anyone waste three highly valuable zero-day exploits in a single piece of code when one would most likely do the job? Security experts recognize that this isn’t the modus operandi of the average hacker, nor the average criminal,” Winder writes in a recent article.
Personally, I believe that Stuxnet 2.0 is already out there – it just hasn’t been discovered yet.
The Internet Nuke Bomb
According to trend analyst, Gerald Celente, CEO and founder of Trends Research Institute, will cyber wars cause stir and come to fore in 2011.
And. as Eurasia, he is concerned about the government’s involvement.
.
Here are some of the other highlights in Mr. Celente’s predictions for the year to come:
Every citizen in 2011 will realize that we are in the “greatest depression”
In 2011, the game’s gonna run out
Digital money, not worth the paper it’s not printed on
The youth of the world has mountains of debt to climb, and no way to get to the top
The greatest fear that governments have is freedom of speech
Your growth industries are the gangs
Crackdown on crime will lead to crackdown on liberties
Drones flying over your city looking in windows
The more government loses control, the harder they crack down
–
You may not take all of Gerald Celente’s forecasts equally serious, but many of the situations he describes is. in fact, common human behavior, observed in times of crisis since the collapse of the Roman empire thousands of years ago and up to our time.
At the latest count by McAfee Security Lab, about 60.000 pieces of malicious software is released on the internet every day.
And here’s how the last six months of 2010 looked like from the security software producer Kaspersky‘s point of view:
So it’s no wonder that attacks on the Java system increased by more than thousand percent in 2010.
A Survey, conducted in cooperation with the Economist Intelligence Unit, indicates that the numbers of companies reporting theft of information has risen sharply – from 18% to 27,3% – in 2010.
EconoTwist's 
Cyber Attack Against Norwegian Military, Massive and Targeted
On March 25 this year a massive and targeted cyber attack was launched against the Norwegian Military Forces – Forsvaret – according several Norwegian news sources. It is being described as one of the most serious so far. Local experts fear more attacks, capable of paralyzing the entire Norwegian economy.
It is likely that important computer systems are infected, and that information has been lost.
National Security Authority
On March 25, hundreds of emails was sent to high-ranking officers in the Norwegian military – Forsvaret. The message was disguised as a regular message from the public directorate, written in perfect Norwegian, with an innocent looking file attached. One person opened the file – and the fight was on.
According to the military spokespersons, the computer where the infected file was activated did not contain any classified information. The attack was discovered and stopped before any sensitive or confidetial information was stolen.
And I presume its gonna stay that way…
Cyber attack against Norway have become more like an online game, specially after last years Peace Prize award.
The Norwegian oil installations in the North Sea was also among the first to detect infections by the Stuxnet worm.
But this one is almost as special as the Stuxnet.
First of all: It seems to have been very well planned, organized and executed. Almost with a military precision.
Secondly: The attackers did already posess detailed information about the Norwegian military as they were able to target between 200 and 300 high-ranking and influential officers.
When it comes to the last point, no one can say for sure if there is any connection or not.
However, the incident has surely scared the Norwegian military who characterize it as one of the most serious cyber attacks so far.
And the military spokesman seem to suddenly have realized that we ain’t seen nothing, yet.
And, of course, the military spokesman underline that they managed to stop this one, and the possibility of anyone penetration the Norwegian military’s security system is very low.
Here’s come the part when I have trouble not laughing…
So, they managed to stop the attack? Our brave soliders? Well, this is what really happened:
The email was received on a Friday afternoon. But some hyperactive warlord decided to pop by the office on Saturday, just to check if we’ve had hit Gaddafi and check the mail and stuff, You know.
What happens next is described by the newspaper VG as follows:
The sender, who was named in the email, did not exist, and it was the aware receiver who raised the alarm because it was something else attached to the email than the annual report from the Directorate. The attachment behaved strangely, and the person became suspicions.
Well done! boys and girls.
Quite frankly, I’m speechless…
Anyway – last year the Norwegian National Security Authority warned against the threats from cyberspace in their recent 2010 report.
The report states:
It is likely that important computer systems are infected, and that information has been lost.
We we regard it as a very serious matter when the Norwegian military gets attacked like this, says spokesman Kjetil Veire with the National Security Authority.
Adding: When it comes to infected computers, we fear there is a large dark zone. What we have seen here might just be the tip of an iceberg.
No kidding!
But finally security expert at the company Steria, Stein Moellerstad, put the closet in the right corner:
The number of attacks against the Norwegian military will increase. And they can cause more serious damage because the flow of information through the internet has become so huge that both the military and the rest of the public administration has partly lost control.
According to the National Security Authority 2010 report, are cyber attacks capable of paralyzing the entire Norwegian economy in a worst case scenario.
So, now the speculations about who might be behind this are running totally wild.
Local experts say that only about 10 nations in world is capable of launching an attack as this.
That’s bullshit.
The suspects are millions.
In my mind the most interesting question is: Why Norway?
I mean, we haven’t got much oil left, we’ve sold it all. The same goes for the technology. In other words – not much to spy on.
I assume the NATO material is under a special NATO security facility.
And our famous Oil Fund? Well, we impulsively bought Greek debt for about one billion USD. Perhaps we shouldn’t, but that Greek prime minister look so nice.
The rest is probably gone in a few years anyway as the government will have to pay for all its promises, specially within the health care sector.
It means we don’t have that much money, either.
In fact, I can only see one logical reason to Norway being targeted in this scale:
It’s just too damn easy!
Related by the Econotwist’s:
Related articles
4 Comments
Filed under International Econnomic Politics, Laws and Regulations, National Economic Politics, Technology
Tagged as Cyberwarfare, Financial Markets, Health and Environment, International Econnomic Politics, International Politics, Law & Regulations, Libya, National Politics, Nobel Peace Prize, Norway, Sience and Technology, Stuxnet, Technology, United States, Verdens Gang, Views, commentaries and opinions, War on Terrorism, Warfare and Conflict, Wikileak