A dozen Norwegian government ministries have been hit by a cyberattack, the latest to strike the public sector of Europe's largest gas supplier and NATO's northernmost member. The authorities there appear to be playing a cool hand, and are showing no signs of panic.
"We identified a weakness in the platform of one of our suppliers. That weakness has now been shut," said Erik Hope, head of the government agency in charge of providing services to ministries.
The cyberattack was identified due to "unusual" traffic on the supplier's platform, Hope said, declining to provide specifics. It was uncovered on July 12th and was being investigated by police, he added.
"It is too early to say who is [behind] this and what is the extent of the impact," he said.
Norway is Europe's largest gas supplier, after a drop in Russian gas flows, and Western Europe's largest oil exporter.
The premer’s office as well as the foreign, defence, and justice ministries were not affected because they use a different IT platform, said Hope.
Norway's state sector has been hit by cyberattacks beore. In June 2022, it suffered a distributed denial-of-service (DDoS) attack, blamed on a "criminal pro-Russian group."
NATO member Norway shares a border with Russia in the Arctic and supports Ukraine with weapons, humanitarian aid, and money.
The number of cyberattacks tripled between 2019 and 2021, the country's cybersecurity agency said in February, with the number of serious incidents in 2022 remaining at the same level as the previous year.
Meanwhile, cybersecurity observers have praised the Norwegian government’s prompt disclosure of the incident.
"It’s incredibly rare to receive such a pragmatic, succinct comment from a cyberattack victim,” said Brian Higgins, security specialist at Comparitec. “None of the usual ‘we take our client’s security seriously’ or ‘this was a sophisticated cyberattack’ nonsense. Just a mature assessment of events.”
Expressing faith that Norway’s authorities had things under control, Higgins added: “It would be nice if a few more incident response teams adopted their approach."
More from Cybernews:
Subscribe to our newsletter