Norway companies hit by major data-theft attacks

November 18, 2011 | Government & Regulations

cyber_security_experts

Data from Norway’s oil and defence industries may have been stolen in what is feared to be one of the most extensive data espionage cases in the country’s history, security officials said on Thursday.

Industrial secrets from companies were stolen and “sent out digitally from the country,” the Norwegian National Security Authority said, though it did not name any companies or institutions that were targeted.

At least 10 different attacks, mostly aimed at the oil, gas, energy and defence industries, were discovered in the past year, but the agency said it has to assume the number is much higher because many victims have yet to realise that their computers have been hacked.

“This is the first time Norway has unveiled such an extensive and widespread espionage attack,” it said.

Spokesman Kjetil Berg Veire added it is likely that more than one person is behind the attacks.

The methods varied, but in some cases individually crafted e-mails that, armed with viruses, would sweep recipients’ entire hard-drives for data and steal passwords, documents and confidential documents.

The agency said in a statement that this type of data-theft was “cost-efficient” for foreign intelligence services and that “espionage over the internet is cheap, provides good results and is low-risk.” Veire would not elaborate, but said it was not clear who was behind the attacks.

The attacks often occurred when companies were negotiating large contracts, the agency said.