New supply chain fears following Norwegian cyber attack

The cyber-attack on 12 Norwegian government ministries earlier this month has renewed call for businesses to take the threat to their supply chains seriously.

The Norwegian government announced the attacks at a news conference yesterday adding the issues has been discovered on 12 July with many believing the attacks were backed by Russia.

“We identified a weakness in the platform of one of our suppliers. That weakness has now been shut,” Erik Hope, head of the government agency in charge of providing services to ministries, told a news conference.

Norway is Europe’s largest gas supplier after a drop in Russian gas flows and Western Europe’s largest oil exporter.

Brian Higgins, security specialist at Comparitech said the Norwegian government reacted quickly.

“Whilst this incident highlights the vital importance of supply chain monitoring and security for any organisation, I’m particularly impressed with the Norwegian government’s response,” he added. “It’s incredibly rare to receive such a pragmatic, succinct comment from a cyber-attack victim. None of the usual ‘we take our client’s security seriously’ or ‘this was a sophisticated cyber-attack’ nonsense. Just a mature assessment of events. It certainly looks like the Norwegian authorities have things under control and it would be nice if a few more incident response teams adopted their approach.”

“Norway is a strategic supplier of Oil & Gas to Europe and disrupting this aligns to the interest of the Russian state, as seen with the latest attacks earlier this year affecting the US Department of Energy,” Brad Freeman, Director of Technology at SenseOn. “The MOVEit vulnerability was identified as the source of the attack on the US Department of Energy and considering this press release states that there was ”a weakness in the platform of one of our suppliers” and unusual traffic patterns were detected in the latest attack, it is possible that this attack also has the potential to be related to the recent MOVEit vulnerability. However, it’s too early to formally attribute the attack against the Norwegian government ministries to a specific source, and the technical detail is unlikely to ever be released so attribution is speculation.”

Jamie Akhtar, CEO, and co-founder of CyberSmart said the attack was likely to have been state sponsored but sent a message to the wider business community that cyber security must be at the top of the agenda.

“While conclusive evidence for this kind of attack is often hard to come by, given Norway’s geopolitical position, this bears all the hallmarks of a state-sponsored attack,” he explained. “Over the past 18 months, we’ve seen an increasing number of attacks directly targeting state infrastructure within countries broadly supportive of Ukraine.

“Alongside this, the nature of the incident points to a supply chain attack, whereby cybercriminals attack a supplier or partner of the real target and gain access to its systems through the back door. These attacks are becoming extremely common, so we urge all organisations, be they state bodies or businesses to pay close attention to the security levels across their supply chains. Likewise, the many thousands of small businesses that provide services to large organisations need to ensure they have robust security controls in place.”


Warning: Division by zero in /home/customer/www/emergingrisks.co.uk/public_html/wp-includes/comment-template.php on line 1520

SHARE: