Norway’s Telenor hit by cyber espionage campaign

Attackers stole files and emails from unnamed executives at Norwegian telecoms provider Telenor

Norwegian telecoms provider Telenor has been hit by a major cyber espionage campaign, carried out by attackers who stole files and emails from unnamed executives.

The company has reported the matter to the police and the national CERT, but said the breach had been detected quickly and steps had been taken to prevent future incidents, according to local reports.

Telenor has also notified Norway’s national security authority and the cyber defence unit.

The attackers used phishing emails that appeared to come from trusted contacts to trick executives into downloading malware designed to steal login credentials, emails, and personal and commercial data.

Telenor’s security director Rune Dyrlie told local media the attackers were able to download information, but it is still unclear what who was behind the attack and what they were after.

The cyber espionage attack was discovered when Telenor’s monitoring systems flagged abnormal traffic between the computers of Telenor executives and unknown IP addresses in various countries.

Earlier this month, Norwegian officials revealed that at least 20 sophisticated cyber attacks, apparently originating from China, were launched against high-profile organisations, according to Softpedia.

The attack highlights how even security-conscious companies are at risk from attacks that use botnets and stealthy malware, said Terry Greer-King, UK managing director for security firm Check Point.

“Our 2013 Security Report showed that 63% of private and government organisations worldwide were infected with bots that they didn’t know about,” he said.

The report also showed that 53% of those hijacked computers were infected with new malware at least once a day as a result of existing infections on their networks.

Some 70% of the bots detected in 2012, across more than 800 companies worldwide, communicated with their external command and control centres at least every two hours.

“Companies need multiple layers of protection, and security-aware employees to defend against these attacks,” said Greer-King.


Read more on Privacy and data protection