Information that news has gained access to shows that a Russian group published a list of several countries that were to be attacked on Friday afternoon. A list of Norwegian companies was published on Saturday. That list was published by another Russian group. The Norwegian hospitals mentioned as targets for the hackers are Ahus, Sykehuset Innlandet, Førde hospital, Ringerike hospital, St. Olav’s hospital, Skien hospital, Stavanger University Hospital, Tønsberg hospital and University Hospital in the North -Norway. It was TV 2 that first reported the hacker attack. A third group is now carrying out the attacks. This can be observed on the messaging service Telegram. When one group starts an attack, several groups attack. The pages that are attacked are usually only down for a few seconds. There is a competition between the groups, where it is important to be the first to attack. Several pro-Russian groups in action The attacks taking place now are so-called denial of service attacks (DDoS attacks). Such attacks mean that a large number of requests are sent to a server, so that it does not have the capacity to respond. As a result, the hospitals’ websites may become unavailable. – This is annoying, but not dangerous, says Gisle Hannemyr. He is a researcher, entrepreneur and commentator within informatics. – It can be compared to activist groups. What they do is that they block the entrance to, for example, a ministry. They disrupt the business, but have no serious consequences, Hannemyr believes. The National Security Authority, NSM, says they are aware of messages on Telegram aimed at the health sector in a number of countries, including Norwegian health institutions. NSM says that they are in dialogue with relevant partners and follow the situation closely. Unstable websites Press watchdog Lena Skotland at Vestre Viken health enterprise tells news that they are aware of the attack: – We have unstable websites that Helsenett is working hard to fix. If you go to our website and search for information about arthritis or something else, it is the type of information that is affected, says Skotland. – We are following the situation, and have close cooperation with the National Security Authority and Helsecert (the health and care sector’s national center for cyber security, (ed. CEO). It is the websites operated by Norsk Helsenett that are exposed to this type of attack, says managing director Ole Jørgen Kirkeluten at Helse Vest IKT. Communications manager Mette Valle Sannes at Helsenett says that there has been abnormally high traffic on the internet. – What we know is that the websites were down for a moment, but now they are up again and we are monitoring and is in control of the situation. – Which websites were down? – I don’t have an overview right now, but we know that many of the websites of Norwegian hospitals were down. The last I heard was that they were all up again now. Sannes says that they are monitoring the situation carefully. Not worried – This is quite commonplace. We are not worried and do not think there will be any major consequences, that there are only threats. This is what CEO of Sykehuspartner, Hanne Tangen, says Nilsen. – If they succeed in the attack, there is no risk to patient information and the internal systems of Sykehuspartner. – It is the external hospital websites that can be hit. It contains public information, not sensitive information. In practice, this means that these websites become unavailable. How long they stay down depends on the power and intensity of these attacks, according to Tangen Nilsen.
ttn-69