In another troubling development, the notorious NoName ransomware group has once again set its sights on Norway, launching a cyber attack on nine critical infrastructures in the country. This latest incident is just one in a series of attacks that have targeted Norway in recent times.
The hacker collective, known as the NoName ransomware group, specifically identified the organizations that were targeted in the cyber attack. The list includes BPS Nord, Ferde AS, Ruter AS, Boreal Norge AS, Agder Public Transport, Stortinget (Norwegian Parliament), Skipsverft, BaneNor Log, and Oslo Municipality. These organizations represent various sectors, both government-controlled and private companies.
The cyber attack on Norway’s infrastructure began with a Distributed Denial of Service (DDoS) assault, according to the threat actors themselves. The NoName ransomware group left its mark on various websites, defacing them and compromising their links. These actions were evident through the group’s online posts and the compromised websites.
In their online statements, the ransomware gang provided some insights into their targets and methods, highlighting the extent of their reach and impact. They specifically mentioned the transport sector as one of their focal points. The hackers even listed the names of their victims and shared check-host links to validate their claims of successfully launching a cyber attack on Norway. They further boasted about their success in crippling multiple other websites, boldly declaring, “We killed the sites of Norway.”
To gain a deeper understanding of the situation, The Cyber Express sought responses from some of the organizations that were allegedly targeted in the cyber attack. However, at the time of writing, no official statements or responses had been issued by these organizations. This lack of information has created uncertainty regarding the full extent of the breach and its potential consequences.
The range of victims in this cyber attack highlights the hackers’ indiscriminate approach. Government-controlled organizations such as the Norwegian toll companies BPS Nord and Ferde AS, public transport authorities Ruter AS and Boreal Norge AS, the Norwegian Parliament (Stortinget), and the administrative body of Oslo Municipality have all fallen victim to this attack. This demonstrates the breadth of the hackers’ ambitions and their willingness to target entities across various sectors.
While this Norway cyber attack is deeply concerning, it is not the first time the nation has faced such a threat. Just a few months ago, in July 2023, several Norwegian government ministries were targeted in a cyber attack. The breach, which affected twelve ministries, was attributed to a third-party vulnerability. The source of the breach was identified and resolved, but specific details of the attack and its consequences were not disclosed to the public.
Additionally, in June 2022, Norway experienced a distributed denial-of-service (DDoS) attack that disrupted operations across multiple organizations. The NSM Security Authority linked this attack to a “criminal Pro-Russia” group. Fortunately, sensitive information was not compromised during that particular cyber attack.
As the frequency and severity of cyber attacks targeting Norway continue to escalate, it is evident that more robust cybersecurity measures are needed to protect critical infrastructures and organizations. The government and private sector must work together to strengthen their defenses and stay vigilant against evolving cyber threats.