Norway’s security service has claimed several of the country’s major institutions have been targeted by suspected state-sponsored Russian hackers.
Politiets Sikkerhetstjeneste (PST) official Arne Christian Haugstoyl told Norway’s TV2 a group known as APT 29 had launched spear phishing attacks on workers from the Norwegian intelligence services, the army, the foreign office, the parliamentary Labour party and the country’s radiation protection agency.
Haugstoyl said that while the motive behind the attacks was unclear, evidence suggests the group that launched them has links to the Russian authorities.
In comments made to the Associated Press, PST spokesman Martin Berntsen said: “The attacks had a signature that indicates those behind the hacking can be identified as APT29. They can be traced back to Russia.”
He told the news agency that APT 29 is a pseudonym of the Cozy Bear hacker group, which is suspected of being behind attacks on the Democratic National Committee (DNC) and the World Anti-Doping Agency last year.
The attack on the DNC is widely believed to have been ordered personally by Russian President Vladimir Putin.
Speaking separately with Norwegian tabloid VG, Berntsen said Norway was warned of the attacks by an unnamed foreign intelligence agency.
Also appearing on TV2, Norwegian Prime Minister Erna Solberg said the hacking attempts constituted “a serious attack on our democratic institutions”, but stressed that security officials had confirmed that no classified information was compromised.
Government workers have been warned to be careful when dealing with email messages from unknown sources, and not to open any suspicious attachments or suspicious links.
News of the attacks comes at a time when Norway, which shares a small border with Russia close to its northernmost point, has become increasingly concerned about the ambitions of the Kremlin.
Last week, the PST warned in a report that Norway is facing a growing threat from Russia.
“Intelligence pressure from foreign states, especially from the Russian side, has been high and stable over the years,” the Local quotes PST chief Marie Benedicte Bjornland as saying “The intelligence activities of Russia in particular have the potential to be more dangerous now than before.”
Russia’s embassy in Oslo accused the Norwegian intelligence services of creating a myth around the threat Moscow poses to the country’s security, suggesting the PST would be better off spending its time focusing on terrorism.
On its Facebook page, the embassy said: “Unfortunately, it seems like some are uninterested in normalisation of our relationship and strive persistently to return to the times of the Cold War.”
These types of spear phishing attacks involve hackers sending email messages containing malware-infected attachments or links to often low-level workers at private companies or public bodies. The emails and attachments are disguised to look as though they relate to the work of the recipient, but once opened allow hackers to access an organisation’s IT systems.
