Norway has accelerated plans to scale up its national security infrastructure against threats emanating from the cyber domain.

Recent intelligence reports more than suggest that Norway’s critical IT infrastructure will likely face a higher level of targeting in the shape of malicious cyber attacks launched by hostile foreign governments and cyber crime actors.

To counter this ever-present risk, conservative prime minister Erna Solberg has mobilised the country’s national security infrastructure, including the Norwegian Defence Force’s (NDF) specialist cyber defence unit (CDU), under an umbrella-style partnership that includes strategic input from private sector ICT suppliers.

The government’s heightened interest in waging war against cyber threats became clear in January 2018, when it contracted state telecom Telenor to advise departments on best practice in the implementation of effective cyber defence strategies. The emphasis is on using advanced technologies and security measures to protect critical ICT systems.

The evolving public-private sector alliance is taking place against a backdrop of rising cyber attacks against state-run infrastructure, including the public transport company NSB, military sites and hospitals.

The partnership, which will link to a new government policy initiative to reinforce ICT security on a national level, is timely. It comes in the wake of a serious cyber attack launched in January against Helse Sør-Øst, Norway’s largest regional healthcare provider.

The preliminary results of an investigation by the national security agency PST (Politiets Sikkerhetstjeneste) indicated the attack was the work of an international cyber crime group operating on behalf of an unidentified “foreign state”. The “attackers” penetrated the outer wall of the HSO’s security shield but failed to gain access to the targeted patient data system. This system contained over two million separate patient and medical files.

An identical outer wall system “breach” was recorded at Oslo University Hospital (Oslo Universitetssykehus), Norway’s biggest medical facility, which operates as part of the HSO organisation.

“Unfortunately, this type of cyber threat is becoming more prevalent. Patient security wasn’t affected, but all malicious hacking events like this are serious. This is why the government wants to do much more to prevent such attacks and better defend Norway’s critical IT systems against all hostile actors,” said Justice Minister Sylvi Listhaug.

The PST was alerted to the cyber attack against the HSO by Sykehuspartner, the healthcare organisation’s IT security partner. The PST described the attack as “quite advanced and professional”, adding that it is cooperating with all critical service providers in Norway to ensure that their ICT systems are capable of withstanding sustained attacks from cyber space.

“The suspicion we have is that someone, on behalf of a foreign state, is gathering information. If the client state can be revealed, this is a source of fundamental damage to our national interests and a threat against state infrastructure,” said Line Nyvoll Nygaard, a prosecuting attorney at the PST.

The Norwegian government’s partnering with Telenor represents both a logical and strategic component in its cyber defence capacity building mobilisation project. Around 80% of all domestic data traffic is carried on Telenor-owned networks.

In a connected state-funded programme, Telenor will deepen its cyber defence competence exchange collaboration with the NDF, delivering a range of tools and solutions to the CDU.

Significantly, the cooperation agreement reached between the NDF and Telenor covers the development of enhanced digital-based security tools to protect significant military events, such as joint NDF-NATO exercises, against the prying digital eyes and ears of “foreign agencies”.

Disruptive interference Not only is the NDF concerned about cyber space surveillance of its activities, the organisation is increasingly on high alert against the potential for cyber-warfare-type “strikes”, and “disruptive interference” against the battlefield management command ICT-systems used to coordinate and direct large-scale military manoeuvres. Closer cooperation in the cyber defence domain with Telenor will ensure important resources are available at the times they are required, said Major General Inge Kampenes, head of the NDF-CDU. Telenor’s national role in Norway’s Total Defence System, which combines military and civil emergency preparedness, was elevated in 2017 as part of the government’s increased capital investment into high-priority cyber security projects. “We will examine vulnerabilities and potential risks, and work together to develop expertise and exchange information about incident threats. We will analyse methods of attack and different malware in the cyber domain,” said Kampenes. The collaboration between the NDF and Telenor is heavily weighted towards strengthening the military organisation’s crisis management expertise. Cooperation also aims to enhance the NDF’s ability to both protect and safeguard the operation of critical infrastructure as it relates to national security and emergency preparedness. “Alongside the growth of increased digital dependency and vulnerability, it is natural we focus more on national emergency preparedness and our ability to react,” said Kampenes.