Municipalities fear major data attacks - National Security Authority monitors traffic - news Troms and Finnmark

– Journals can become unavailable and the nursing homes do not know which medicines the patients should have. That’s what ICT manager in Tromsø municipality, Geir Mikkelsen, says. – All the services we deliver are rooted in ICT. A computer attack can cause the PCs to go black. Last year, Tromsø municipality was exposed to a cyber attack. 15,000 e-mails with spam were attempted to be sent from the account of an employee in Tromsø municipality. Therefore, the municipality has now taken several measures to improve its IT security. One of the measures is that it is now included in the National Security Agency’s (NSM) notification system for digital infrastructure (VDI). – They collect and review a lot of traffic data. This is analyzed at a slightly higher level than what we can do, says Mikkelsen. According to him, the system has so far not detected large massive data attacks, but there have been several alerts about smaller incidents. – There may be, for example, virus attacks on certain PCs. There is no deviation, everyone who is on the internet is exposed to it every day, he says. – But the alerts show that it is important to be alert when it comes to the smaller incidents. But it is the big attacks that Mikkelsen fears. Those that can have major consequences for the approximately 80,000 people who live in Tromsø. – Such an attack can stop most services, he says. – Can it paralyze society? – Yes, and there have been examples of that in recent times. During one month in 2021, AKVA group, Hurtigruten and Østre Toten municipality were exposed to serious computer attacks. Will not say who they monitor VDI a national sensor network on the internet, which is operated by the National Cyber Security Centre. Participation in the network is voluntary, but has been set up with the aim of protecting critical infrastructure in Norway. As far as the Municipalities’ Organization (KS) knows, there are more municipalities than the two in Troms that are monitored by NSM. – KS knows that several municipalities are involved in the VDI collaboration. The extent of this may need to be disclosed by NSM, says Asbjørn Finstad, department director at KS. NSM will not say for whom or how many people they monitor the traffic for. KS encourages the municipalities through various municipal interaction arenas to investigate with NSM whether they can participate in the VDI collaboration and Allvis-Nor. The system consists of a number of sensors that act as an alarm system that can detect and notify of possible data intrusions. They detect such events by passively listening and looking for particular patterns in network traffic. However, this does not mean that they see what employees write to each other during lunch. But if, for example, an enormous amount of e-mails with a lot of content suddenly arrives from India – then it lights up red. Many personnel worthy of shielding NSM also follows the data traffic in the defense municipality of Bardu. The municipality did a risk and vulnerability analysis a few years ago, and discovered risks related to their IT security. That is why they applied to be part of the scheme. – We have the country’s largest army garrison, and a lot of personnel worthy of protection, says mayor Toralf Heimdal. But it is not the activity of the Armed Forces that the municipality wanted help to monitor. The Norwegian Defense Intelligence Battalion has its headquarters in Bardu. There are several people here who work to spy on behalf of Norway. If one of those who work there uses health services in the municipality, this could be information of interest to foreign intelligence. Bardu municipality took the initiative early on to join NSM’s sensor network, says mayor Toralf Heimdal. Photo: Pål Hansen / news The threat picture has changed Today, more and more of our everyday life is digitized. The same applies to crime. Already in 2019, the then Minister of Defence, Frank Bakke Jensen, acknowledged that IT security has not been good enough at public agencies. A modernization of the sensor systems was then proposed. But digital threats come in many forms and are constantly evolving. This makes it difficult to introduce a single measure that stops all unwanted activity. In Tromsø, several short-term measures have been taken to improve IT security. But according to the IT manager, it is demanding to introduce good, effective measures that will have a long-term effect. – IT security is a continuous process. The vulnerabilities we have today are not the same as we will have in two years, says Mikkelsen. When the municipality did a threat assessment earlier, they did specific penetration tests. They showed no acute vulnerability. But since then the security situation in Europe has changed. – The threat from state actors has become even greater and has come higher on our list, says Mikkelsen. – With the current threat picture, we expect that a state actor with enough resources will be able to get into our systems, he says.

ttn-69

Track storming stole attention from Ronaldo assist – Football European Championship 2024

6 killed and 12 injured after attack in Russia – Latest news – news

Fears mining and radioactive waste – news Vestfold and Telemark – Local news, TV and radio

Attacks in several places in Dagestan – news Urix – Foreign news and documentaries

Municipalities fear major data attacks – National Security Authority monitors traffic – news Troms and Finnmark