300 oil companies get hacked in massive cyber attack in Norway

A Government official is reported to have claimed that approximately 300 oil and energy companies in Norway have been hit by one of the biggest cyber-attacks ever to have happened in thisย Scandinavianย country.
This was first reported by The Local and Dagens Nรฆringsliv which stated thatย the National Security Authority Norway (Nasjonal Sikkerhetsmyndighet, NSM) has detailed how 50 companies in the oil sector were hacked and how another 250 have been warned that they may have been hit too.
ย 
NSM ย which is Norway’s cyber crime prevention authority, an equivalent of CERT-UK in Great Britain has warned companies about the newest threats. It took part of the CyberEurope2014 exercise in June.
The companies themselves haven’t been named โ€“ although NSM is investigating whether the computer systems at Statoil, Norway’s largest oil company, were targeted. ย Prima facie it seems that Statoil was able to fend of the attack. ย Statoil claimed it โ€œhas controlโ€ over the attack. ย It also confirmed that it was among the firms who were target of a โ€œmassive and advancedโ€ attack by hackers last year that went on for three days.ย Technical details are also few and far between at this moment in time.
ย 
This isn’t the first time this type of attack has hit Norwegian shores, with ten oil, gas and defence sector firms hit via targeted spear-phishing emails in 2011. The unidentified hackers made off with industrial drawings, contracts and log-in credentials.
โ€œItโ€™s a big, bad world out there,โ€ wrote John Knight, Statoilโ€™s strategy director, in an update on the companyโ€™s internal website earlier this summer. Newspaper Dagens Nรฆringsliv (DN), which broke the news this week aboutย the national security agency (NSM)โ€™s warnings to as many as 300 Norwegian companies, reported Thursday that Statoil faced an even more serious situation last year.
โ€œIt started on March 12,โ€ recalled Statoil IT director Sonja Chirico Indrebรธ. She told DN that it prompted Statoil to confiscateย 40 computers from its employees who hadnโ€™t even noticed that unknown hackers were using them to get around Statoilโ€™s security systems.
The attack involved the hackersโ€™ earlier success at breaking into the website of a well-known international company that gathers data on the oil industry. Statoil declined to identify it, but DN reported that itโ€™s a site Statoil employees regularly log into with a user name and password, to gain access toย its exclusive data for whichย Statoil reportedly pays large sums.
Alarms rang when Statoilโ€™s Intrusion Detection System (IDS) discovered that someone was trying to download code into some of Statoilโ€™s employeesโ€™ computers.ย Statoilโ€™s IT experts then saw that the code tried to enable communication with so-called โ€œblack lists,โ€ areas within Statoilโ€™s systems that arenโ€™t related to ordinary business operations.
โ€œOur employees were naturally surprised when we called and told them that we had to confiscate their PCs because we suspected theyโ€™d been attacked,โ€ Indrebรธ told DN. The employees hadnโ€™t noticed anything, but had received a message when logging into the international data website to click on a java page. That set off the process of downloading the dangerous code.
Other energy companies also ended up under attack, which Indrebรธ described as โ€œadvanced,โ€ not least because the dangerous code was altered while the attack was in progress, indicating someone was monitoring it. Statoilโ€™s team battled the attack for three days until it was successfully fended off on March 15.
Indrebรธ said Statoilโ€™s defense systems blockย around 2,500 emails sent to the company every week, because of suspicious files and content. โ€œEvery month the virus alarm sounds a few thousand times,โ€ she added. At a time of widespreadย cost-cutting at Statoil, computer security is one area thatโ€™s expected to grow. Knight, the member of Statoilโ€™s top management in charge of strategy, wrote that cyber criminals are getting increasingly sophisticated and potentially dangerous, and employees are urged to be extra vigilant.
Abhishek Kumar Jha
Abhishek Kumar Jha
Knowledge is Power

Read More

Suggested Post