Norway hit by major data-theft attack

November 17, 2011 - 2:05 PM

OSLO, Norway (AP) — Data from Norway's oil and defense industries may have been stolen in what is feared to be one of the most extensive data espionage cases in the country's history, security officials said Thursday.

Industrial secrets from companies were stolen and "sent out digitally from the country," the Norwegian National Security Authority said, though it did not name any companies or institutions that were targeted.

At least 10 different attacks, mostly aimed at the oil, gas, energy and defense industries, were discovered in the past year, but the agency said it has to assume the number is much higher because many victims have yet to realize that their computers have been hacked.

"This is the first time Norway has unveiled such an extensive and widespread espionage attack," it said.

Spokesman Kjetil Berg Veire added it is likely that more than one person is behind the attacks.

The methods varied, but in some cases individually crafted e-mails that, armed with viruses, would sweep recipients' entire hard-drives for data and steal passwords, documents and confidential documents.

The agency said in a statement that this type of data-theft was "cost-efficient" for foreign intelligence services and that "espionage over the Internet is cheap, provides good results and is low-risk." Veire would not elaborate, but said it was not clear who was behind the attacks.

The attacks often occurred when companies were negotiating large contracts, the agency said.

Important Norwegian institutions have been targeted by hackers before.

In 2010, some two weeks after Chinese dissident and democracy activist Liu Xiaobo was named that year's Nobel Peace Prize winner, Norway's Nobel Institute website came under attack, with a Trojan Horse, a particularly potent computer virus, being installed on it.

Other attacks on the institute in that same period came via email, containing virus-infected attachments.