The Norwegian Parliament, also known as the Storting, made an extremely shocking revelation by issuing a press release at the end of August 2020. The Parliament revealed that its members had recently been facing cyberattacks, with hackers trying to gain unauthorized access to their email accounts.
The Director of Storting, Marianne Andreassen, disclosed that currently the cyberattack is being examined in detail by security professionals working under the Norwegian government. It has been reported that members of the parliament have also been provided with information on the incident response by cybersecurity experts.
Ever since the cyberattack took place, members of the Parliament are highly concerned regarding the confidential emails that the hackers might have gained access to. They have been concerned about the subsequent governmental information that might have been leaked.
According to the Director of the Norwegian Parliament, the attack was perpetrated majorly on the members of the Parliament. She further stated that different amounts of data have been downloaded from the email accounts of different members.
Security analysts have concluded that the cybercriminals might have been looking for a piece of specified information in particular from some of the victims. This might have been the reason behind the attackers targeting only a small number of selective members of Storting as well as Norwegian MPs in Oslo.
Incident Response: Measures Taken by the Norwegian Government
The Norwegian Parliament Storting reported the cyberattack incident to the Norwegian National Security Authority (NSA). An official complaint was also lodged on the 1st of September, 2020.
The complaint contained reports of the burglary of confidential information, and illegal access to email accounts of parliament members, to aid the police in carrying out further investigation. Reports by a spokesperson from the opposition party have revealed that the cyberattack was also perpetrated on a few members of the Labor Party.
Detailed information on the plan of action of the hackers, nature of the attack, motive, etc. is yet to be discovered. Director Marianne has stated in the press release,
“We have taken this matter very seriously, and we have full attention to analyzing the situation to get an overall picture of the incident and the potential extent of the damage.”
She also said that a significant amount of irregularities in login was recorded in the past week during which the attack was initiated by the hackers. Marianne clarified that they are yet to be enlightened about the full extent of the cyberattack and the amount of data accessed. While a full-fledged investigation is under process, the criminals are yet to be identified.
The NSA has been constantly working with the Norwegian government to aid them with the incident response procedure so that a repetition of such an event doesn’t occur. The Norwegian Police Security Service posted a tweet online, stating that they would be taking over the investigation of the cyberattack once they receive the official police report on the same.
Members of the Parliament Affected by the Cyberattack
Reports have disclosed that members of the Conservative Party in Norway were affected by the cyberattack. The Conservative Party is the ruling party of Norway’s coalition government. However, the names of the exact party members whose email accounts had been hacked have not been disclosed as of yet.
Furthermore, members and staff of the main opposition party, the Labor Party, have also been affected by the attack. The details of the information hacked are yet to be confirmed by the government.
Cyber Attack Prevention and Response
To protect against data breaches and hacking activities by cybercriminals, it is necessary to make leading-edge VAPT services, a part of your organization. A Vulnerability Assessment and Penetration Testing program ensures that all your organization’s networks, applications, servers, Cloud, and IoT devices are secure.
It works by performing a detailed reconnaissance of the server or application, its features, and architecture, in consultation with the company’s development team. Based on the collected information the pen-testers implement a “Red Team” approach to impersonate real-life cyberattacks.
To reduce the impact, they schedule the dummy simulation, either on a dummy environment or during times of lowest network activity (lowest traffic). In the next stage, pen-testers run vulnerability scanners to search for the possible vulnerabilities that may be present in the platforms, APIs, technology framework, etc. This step is known as Vulnerability Assessment.
In Penetration Testing, the pen-testers run exploits on the application, server, or network to evaluate how secure it is. They make use of custom scripts, open-source exploits, and in-house tools to achieve a high degree of penetration.
In the concluding stage, pen-testers generate concise and comprehensive reports on the vulnerabilities that have been discovered. They provide the company with detailed discussions on the nature of the vulnerability, its impact, threat level, and recommendations on how to remove it.
As an additional measure to ensure cybersecurity in your organizations, CISOs may also include security awareness and training programs as a part of their workplace security policy.
As employees are considered to be the weakest link in an organization, a well-rounded cybersecurity awareness and training program will help spread awareness of attack vectors. Informing employees about social engineering attacks will prevent them from easily falling prey to manipulations by cyber attackers.