Information about the war in Ukraine and that increased digital threat level
make sure adequate security against cyber operations
The current situation in Ukraine affects the whole world and we strongly dissociate ourselves from the acts of war, at the same time as we have great sympathy for the difficult situation the inhabitants of Ukraine are in. We have no interests in, or third party relations with, countries that in connection with this conflict EU sanctions list.
Furthermore, we are following the situation around the increased digital threat level with great concern. JustisCERT and the National Security Authority encourage Norwegian companies to be cautious about their digital security. Among other things, it has been announced that pro-Russian hacker groups are carrying out cyber operations against anyone who does not openly support Russia's attack on Ukraine.
The potential attacks will most likely aim to destroy or destabilize the digital services many companies use. It is also likely that money is the main target of the hackers who are now making an attempt. The attacks will typically be ransomware virus attacks and "wiper" malware Phishing.
Based on this, we have initiated a number of measures to increase the resilience of our services; among other things by raising the level of surveillance and our preparedness. We also encourage you to share the information with your employees and suppliers about what is happening, how you are preparing and what they themselves should do to prevent attacks. JustisCERT has made a list of important points. You can see this below and it can be freely distributed further.
-
1. In general
Make employees aware that pro-Russian hacker groups aim to attack / harm anyone who does not support Russia. This means that Norwegian companies and you as an employee are a goal.
-
2. Increase in attacks
Make employees aware that they must expect to see an increase in attacks in the future (eg phishing by email and SMS, malware as an attachment in an email or that they are told to download from websites that often look completely legitimate) .
-
Counterfeit websites
Attackers often try to gain access via phishing sites that look like real login sites (eg Microsoft / Google / Apple, etc.) where employees are tricked into entering the username / password / MFA that the attacker can use further in their attack.
-
Exposed services
The company's exposed services with vulnerabilities are compromised. From here, the attackers jump on to other systems / internal networks / server networks in the business before implementing their destruction.
-
5. Push notifications
Make employees aware that they must never approve 2-factor requests (eg in push notifications in the app / BankID on the phone) that they have not initiated themselves.
-
6. Be up to date
Make employees aware that they must keep their phones / tablets / PCs, including software / apps on them, up to date.
-
7. Stop. Think. Click?
Make employees aware that they need to be more careful than usual, “STOP. THINK. CLICK? » is a good rule of thumb.
-
8. Never enter a password
Make employees aware that they should never give passwords or 2-factor codes to anyone.
-
9. Do not be fooled
Attackers will often try to trick you: through malware that employees are tricked into downloading from a website (preferably a website that looks completely legitimate) or get sent in an email / SMS and then run.
-
10. Notify immediately
Make employees aware that they constitute an important security barrier against the attackers and that they must quickly inform the IT / Service Desk / duty number at the company if they experience anything abnormal.
