Have asked for assistance from Kripos - news Troms and Finnmark

Several municipalities and companies have been exposed to data breaches in Finnmark. This is confirmed by the police, who are investigating the case with assistance from Kripos and the national security authorities, NSM. Ken Are Johnsen is the security officer in Hammerfest municipality and also serves both Loppa and Måsøy municipalities. He confirms that someone has tried to break into their systems. – Yes, but it’s nothing new either. It’s the new normal. We are, so to speak, exposed to hacking attempts on a daily basis, says Johnsen. He says that the difference from before is who is trying to break in. – Before, it was mostly boys’ room hackers who did this out of spite, whereas now it might as well be states, says Johnsen. Tightened after the war in Ukraine He confirms that security routines have been tightened after Russia escalated the war against Ukraine on 24 February last year. This is because people have become aware that computer attacks can be part of modern warfare. – What is the worst consequence for a municipality that is affected? – Just look at what happened at Østre Toten a couple of years ago, where all computer systems were down for a year, says Johnsen. The police take the attacks in Finnmark seriously. – We have implemented preventive measures and dozens of public and private businesses in Finnmark have been notified of a possible security risk, says Torstein Pettersen, head of tactical investigation in Finnmark Police District. Torstein Pettersen, head of tactical investigation in the Finnmark police district, says they are working broadly and with several hypotheses to find out who is behind the attack. – The case is being investigated tactically and technically by the Finnmark Police District and Kripos is assisting us in the work, says Pettersen. Photo: Kristin Humstad / news Finnmark police district has now asked for assistance from Kripos, which has put an entire team on the case. – This consists of the investigation manager, investigators and digital operations manager. In addition, we have someone who provides legal assistance. We give this case a high priority, says section leader Øystein Andreassen at the National Cybercrime Center (NC3) in Kripos – What hypotheses do you have about who is behind it? – It is far too early to say. But the fact that we are investigating the case means that we start from the fact that a criminal act has taken place. And then the investigation can subsequently show whether there was something else, says Andreassen. – We see this as an act committed by criminals, until other information is available, says section leader at the National Cybercrime Center in Kripos, Øystein Andreassen. Photo: Kripos Skadebegrensing Vadsø municipality’s computer systems were subjected to a computer attack on the night of 2 February. The municipality states on its website that work is still underway to get certain systems back into operation, including the e-mail system. The network in Vadsø will not be opened until they are absolutely sure that there is no malware in the systems. Doing so has taken longer than expected. One consequence is that, until further notice, Vadsø municipality neither receives nor is allowed to send out bills. As a result, the police started an investigation and have uncovered burglaries and attempted burglaries in a number of municipalities and businesses in Finnmark. – What our investigation has so far uncovered is that login details to an external service provider have been leaked. And via this external actor, unauthorized persons have managed to get into or tried to get into the systems, says Torstein Pettersen. – We are now working on damage limitation, as well as uncovering who is behind the break-in. And not least, we must find out what they have done in the computer systems and what the purpose has been. Vadsø municipality was exposed to a computer attack on the night of 2 February, which put most of its computer systems out of action. Photo: BÅRD WORMDAL / news Exposed to hacking Sør-Varanger municipality reports in a press release that they were informed by the police on Wednesday 8 February about a possible security threat to their ICT systems, in connection with the investigation of other incidents. The security threat was discovered at an early stage. The municipality believes that it has a good overview of where the attack was carried out, and there is very limited access to the system in question that has been broken into. The municipality states that there is currently no indication that unauthorized persons have managed to extract files or important information from their systems. No internal or external services shall be affected by the data breach, and the municipality has no indications or evidence that any of our close collaboration partners have been affected as a result of the incident with us. – Digital threats have become part of everyday life. There is great reason to be cautious; we cannot insure ourselves against everything. Being vigilant and critical of unknown e-mails and links that we receive is good advice to keep the likelihood of attacks down. Data attacks are increasingly hitting multiple targets at the same time, across sectors, and we see that these attacks are looking for vulnerabilities in value chains that can then be exploited in a more targeted way, says IT manager Anders Greve in the press release. – Although everything indicates that the municipality was against the data attack this time, this was an advance warning that everyone could be affected. Good information and training of our employees is important, together with enough resources to buy in and manage good security systems in order to safeguard security and confidentiality in the municipality. We must work for this every day, says municipal director Nina Bordi Øvergaard in the same press release. The municipality’s IT department will continue to work on the case this weekend, possibly to uncover whether the attack has had any consequences that they have not yet seen. Sør-Varanger municipality has reported the matter to the police today. – Attempts detected Porsanger municipality is one of the municipalities that has identified attempts to attack the municipality’s computer systems. – There are signs that an attempt may have been made. But we are not affected. Beyond that, we have no comment. Councilor in Porsanger, Steinar Sæterdal, states that the municipality has uncovered one or more attempted data breaches. Photo: Lars-Bjørn Martinsen / news This is what the municipal director in Porsanger, Steinar Sæterdal, says, and adds: – We do not want to share our security solutions with the outside world. I ask for understanding for that, says the municipal director. Spokespersons for the municipalities of Alta and Vardø inform news that they have not been affected by the attack. Nor have Nesseby, Tana, Berlevåg and Båtsfjord, which are part of the ICT collaboration Vestre Varanger IT, been affected. The mayor of Karasjok states that they are not affected, but that he is concerned. – I think we are quite vulnerable. We have to secure ourselves better, he says. Photo: Dan Robert Larsen / news – We were exposed to data breaches last year. It cost us between NOK 300,000 and 400,000 in external computer support. We are watching closely now and I am a little nervous. We can never be completely safe, says business manager for Vestre Varanger IT, Sten Olsen. Ken Are Johnsen in Hammerfest says that the best thing to do is to have two-step login and to update the systems regularly. Ken Are Johnsen is the security officer in Hammerfest municipality and also serves both Loppa and Måsøy municipalities. He confirms that someone has tried to break into their systems. Photo: Private Ole Sommarset-Krogh, head of the technical department at ElTele, says that they are not directly affected, but have customers who are. He cannot say which companies are involved, but it is individual companies and larger companies that are affected. – The actors who are affected are spread all over the country, but also in the whole of Finnmark. ElTele also helps customers look for any traces. They have no idea who started the attack, but Krogh points out that it is probably a group of people doing what they can to hide their identity. – There are clues that point in certain directions, but they are certainly designed to mislead. NSM linked to the Police in Finnmark has in this case had an extra focus on uncovering what has happened. At the same time, it has been important to limit the extent of damage to municipalities and businesses that may be affected, and to prevent more people from being affected. Now the National Security Authority (NSM) is also involved and is assisting in clarifying the scope, and in addition mapping potentially affected businesses. – NSM assists with active incident management and is in dialogue with affected parties. We will follow them up going forward, says Erik Haugland, head of the National Cyber Security Center in NSM. The National Security Authority (NSM) assists the police in Finnmark. – We will follow them up going forward, says head of NSM, Erik Haugland. Photo: Oda Hveem / NSM

ttn-69

Supposed to have been raped by Høiby in his own home – news Norway – Overview of news from various parts of the country

Large fire in industrial area – news Vestfold and Telemark – Local news, TV and radio

– It could be that we are missing out on wonderful careers – news Sport – Sports news, results and broadcasting schedule

The academics and Unio may retain their own collective agreement – news Norway – Overview of news from different parts of the country

Have asked for assistance from Kripos – news Troms and Finnmark