Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Norway. Show all posts

Cyberattack Halts Operations at Norway's Largest Publisher Amedia

 

Amedia, one of the largest media firms in Norway, announced on Tuesday that it fell victim to a cyberattack that forced it to shut down multiple computer systems. 

The company publishes more than 70 newspapers for 2.5 million Norwegians and the attack prevented the firm from printing Wednesday’s edition of physical newspapers. The hack also impacted the company’s advertising and subscription systems, restricting advertisers from purchasing new ads and stopping subscribers from ordering or canceling subscriptions. 

The company has not provided clarification on the extent of the breach. Hence, it remains unclear if subscribers’ and employees’ credentials and private details were compromised. The subscriber data contains names, addresses, phone numbers, and the subscription history of customers while employee data includes employment conditions/agreements, Social Security numbers, and salaries.

“We are in the process of gaining an overview of the situation, but do not yet know the full potential for damage. We have already implemented comprehensive measures to limit the damage and to restore normal operations as quickly as possible,” said Executive Vice President of Technology, Pål Nedregotten in a translated statement on the company’s website. 

“Amedia now works on the basis that customer data can be compromised. If personal information has gone astray, those affected will be informed as soon as possible. This will apply to both customers and employees. In such a case, the Data Inspectorate will be notified of what has happened and how we work with mitigating measures,” Nedregotten added.

The company also did not mention the vulnerability exploited. A Twitter user who claims to be a security researcher from Norway says the attacker exploited CVE-2021-1675 - the PrintNighmare vulnerability - to gain initial access and for subsequent lateral movement. 

The attack on Amedia is the third major Norwegian cyberattack reported over the last several days. Nortura, one of the country’s leading food producers, revealed on December 21 that it was forced to shut down its IT systems after suffering a cyberattack at multiple factories. The company said it is investigating the incident with help from the police, and that it is focusing on minimizing damage to systems and operations.

Russian embassy responds to Norwegian allegations of cyberattack

Hacker groups APT28 and Fancy Bear may have been involved in a cyber attack on the Norwegian Parliament in August 2020. This statement was made on Tuesday by the Norwegian Police Security Service.

Police say the operation was likely carried out by cyber groups, known publicly as APT28 and Fancy Bear. According to them, they are connected with the Russian military intelligence GRU, and more specifically with its main headquarters for special operations.

The Russian Embassy in Norway expressed on Facebook on Tuesday the opinion that Norway's accusations of Russia in hacker attacks without providing evidence are unacceptable and do not contribute to strengthening the dialogue.

"Accusations without evidence in a highly likely regime are unacceptable. Unlike Norwegian politicians, Russia is careful to maintain a dialogue with Norway and even more cherish the centuries-old friendship and cooperation with the Norwegian people,” stressed they.

"One more request to journalists and experts — if you comment on any statements of the special services, follow the professional code, namely: do not publish hastily the" hottest" news if you have no evidence,“ concluded the Embassy.

On September 1, the Parliament of the Kingdom reported that it was subjected to a cyber attack, as a result of which unknown hackers gained access to the email of a number of deputies and employees of the legislative body. According to Marianne Andreassen, the administrative head of the Parliament, a number of immediate measures were taken to stop the attack. The Norwegian Police Security Service later said it would investigate whether "any state" was behind the cyber attack that occurred on August 24.

Norwegian Foreign Minister Ine Eriksen Søreide made a statement that Russia was behind the cyber attack on parliament.