Norway has accelerated plans to scale up its national security infrastructure against threats emanating from the cyber domain.
Recent intelligence reports more than suggest that Norway’s critical IT infrastructure will likely face a higher level of targeting in the shape of malicious cyber attacks launched by hostile foreign governments and cyber crime actors.
To counter this ever-present risk, conservative prime minister Erna Solberg has mobilised the country’s national security infrastructure, including the Norwegian Defence Force’s (NDF) specialist cyber defence unit (CDU), under an umbrella-style partnership that includes strategic input from private sector ICT suppliers.
The government’s heightened interest in waging war against cyber threats became clear in January 2018, when it contracted state telecom Telenor to advise departments on best practice in the implementation of effective cyber defence strategies. The emphasis is on using advanced technologies and security measures to protect critical ICT systems.
The evolving public-private sector alliance is taking place against a backdrop of rising cyber attacks against state-run infrastructure, including the public transport company NSB, military sites and hospitals.
The partnership, which will link to a new government policy initiative to reinforce ICT security on a national level, is timely. It comes in the wake of a serious cyber attack launched in January against Helse Sør-Øst, Norway’s largest regional healthcare provider.
The preliminary results of an investigation by the national security agency PST (Politiets Sikkerhetstjeneste) indicated the attack was the work of an international cyber crime group operating on behalf of an unidentified “foreign state”. The “attackers” penetrated the outer wall of the HSO’s security shield but failed to gain access to the targeted patient data system. This system contained over two million separate patient and medical files.
Read more about cyber security in the Nordics
- Sweden is tightening up its cyber security defences as part of a wider national security strategy.
- Nordic and Baltic government leaders discuss pooling technologies and competences to counter hybrid threats within the cyber security domain.
- Major cyber attacks and security breaches often make headline news these days – and their impact on the Nordic region has been growing.
- The Swedish Transport Agency exposed sensitive information by transferring its databases to a third-party cloud provider without following data protection procedures.
An identical outer wall system “breach” was recorded at Oslo University Hospital (Oslo Universitetssykehus), Norway’s biggest medical facility, which operates as part of the HSO organisation.
“Unfortunately, this type of cyber threat is becoming more prevalent. Patient security wasn’t affected, but all malicious hacking events like this are serious. This is why the government wants to do much more to prevent such attacks and better defend Norway’s critical IT systems against all hostile actors,” said Justice Minister Sylvi Listhaug.
The PST was alerted to the cyber attack against the HSO by Sykehuspartner, the healthcare organisation’s IT security partner. The PST described the attack as “quite advanced and professional”, adding that it is cooperating with all critical service providers in Norway to ensure that their ICT systems are capable of withstanding sustained attacks from cyber space.
“The suspicion we have is that someone, on behalf of a foreign state, is gathering information. If the client state can be revealed, this is a source of fundamental damage to our national interests and a threat against state infrastructure,” said Line Nyvoll Nygaard, a prosecuting attorney at the PST.
The Norwegian government’s partnering with Telenor represents both a logical and strategic component in its cyber defence capacity building mobilisation project. Around 80% of all domestic data traffic is carried on Telenor-owned networks.
In a connected state-funded programme, Telenor will deepen its cyber defence competence exchange collaboration with the NDF, delivering a range of tools and solutions to the CDU.
Significantly, the cooperation agreement reached between the NDF and Telenor covers the development of enhanced digital-based security tools to protect significant military events, such as joint NDF-NATO exercises, against the prying digital eyes and ears of “foreign agencies”.
Not only is the NDF concerned about cyber space surveillance of its activities, the organisation is increasingly on high alert against the potential for cyber-warfare-type “strikes”, and “disruptive interference” against the battlefield management command ICT-systems used to coordinate and direct large-scale military manoeuvres.
Closer cooperation in the cyber defence domain with Telenor will ensure important resources are available at the times they are required, said Major General Inge Kampenes, head of the NDF-CDU.
Telenor’s national role in Norway’s Total Defence System, which combines military and civil emergency preparedness, was elevated in 2017 as part of the government’s increased capital investment into high-priority cyber security projects.
“We will examine vulnerabilities and potential risks, and work together to develop expertise and exchange information about incident threats. We will analyse methods of attack and different malware in the cyber domain,” said Kampenes.
The collaboration between the NDF and Telenor is heavily weighted towards strengthening the military organisation’s crisis management expertise. Cooperation also aims to enhance the NDF’s ability to both protect and safeguard the operation of critical infrastructure as it relates to national security and emergency preparedness.
“Alongside the growth of increased digital dependency and vulnerability, it is natural we focus more on national emergency preparedness and our ability to react,” said Kampenes.
Cyber security tools
Telenor, in collaboration with the NDF-CDU, plans to roll out advanced cyber security tools ahead of NATO’s upcoming Trident Juncture 2018 exercises.
Hosted by Norway, the multi-branch Trident Juncture exercise will run during October and November of 2018. It will involve the deployment of up to 50,000 troops, and become NATO’s biggest military training operation since the fall of the Berlin Wall and the end of the Cold War era.
“We must be prepared for added security challenges. An exercise of this scale will attract a lot of international attention. We expect a greater load on our network,” said Berit Svendsen, head of Telenor Norge.
Propelled by the lure of mutual advantage, Norway’s leading business and industry chiefs are displaying a keen desire to join state-led cyber security projects. The primary driving force behind this mood of positive cooperation is powered by the universally accepted consensus, within the private sector, that the selective sharing of resources and professional expertise offers the best means to combat future threats from cyber space.
A survey conducted by BDO Norway, released in January, found cyber threats against ICT systems surpassed the risk of an economic downturn or financial crisis as the single biggest fear among 1,500 of the country’s top business and industry leaders.
Some 25% of senior Norwegian executives, in the BDO survey, conceded their companies were not adequately prepared or equipped to defend their computer systems and networks against professional and sustained malicious attacks from cyber space.
“Companies in Norway still have a long way to go in building organisations that can manage IT and cyber risks in the same way as other business risks,” said Chris Culina, head of BDO Norway’s operational IT security services department. “It’s a strange observation to make. It’s comparable to worrying about burning but failing to install smoke detectors.”