Norway Hit by Advanced Targeted Cyber Attacks

The threat in the cyber domain is something the entire society must address, as indicated by the NSM report “National Digital Risk Picture 2023.”

This summer, an advanced cyber attack targeting 12 Norwegian ministries was uncovered. Public administration, high technology, and industry remain the most vulnerable sectors to cyber operations. NSM has also noted more and more severe incidents against the defense sector in the past year.

“Cyber attacks are professionalized and targeted. And it’s not going to change. Cybersecurity must be prioritized to avoid significant societal consequences,” says Sofie Nystrøm, Director of the Norwegian National Security Authority (NSM).

Support for Ukraine

Since the summer of 2022, NSM has observed a sixfold increase in the number of denial-of-service attacks compared to the previous three years combined. What’s new is that entities in the transport, finance, and health sectors have become targets for denial-of-service attacks.

“In many denial-of-service attacks, Russian-speaking hacktivists claim that the motivation for the attacks is Norway’s support for Ukraine. It is likely that denial-of-service attacks will continue to affect Norwegian entities in line with Norwegian support for Ukraine,” says Nystrøm.

Denial-of-service attacks have, in many cases, led to Norwegian websites being unavailable for a limited period. Nystrøm explains that it is usually about gaining attention and causing unrest, adding that this should not be taken lightly. The attack method may be evolving.

“Experience from abroad shows that attacks are becoming more sophisticated, harder to detect and protect against. Denial-of-service attacks can also be part of larger and more complex cyber operations, where denial of service is primarily used to create disturbances and divert attention,” warns Nystrøm.

Artificial Intelligence

Internationally, attackers are becoming increasingly professional. NSM also sees signs of this trend in Norway. NSM expects that developments in artificial intelligence and large language models will make it even more challenging to distinguish between what is true and what is false.

“Technological development enables a type of proliferation and increased automation of fraud, disinformation, and espionage in ways we don’t fully see the consequences of today,” says NSM Director Sofie Nystrøm.