Why Is China Hacking Norway?

Uploaded on 2015-10-05 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-China, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, BUSINESS-Services-Financial, BUSINESS-Production-Energy, TECHNOLOGY--Hackers

Nordic-countries-threat-activities.jpg

The FireEye analysis of threat activities revealed that the highest number of APT and malware alerts were observed in in Norway (47%), followed by Denmark (36%), Sweden (14%), and Finland (3%).

All states spy. Stealing corporate secrets and understanding what other governments are thinking and planning have often been important methods for states to get ahead of their competitors.

This May, the cyber-security company FireEye released a report on cyber-espionage aimed at the Nordic states. Some of the report’s key findings were hardly surprising. Russia and China were the two states from which most cyber-attacks originated. Defense/aerospace, energy and high-tech communications are the industries, which have been the most targeted by cyber intrusions from these two states. Considering the Nordic states’ advanced, often niche, research and development within these sectors, that’s not surprising.

However, there was also quite a lot of activity aimed at acquiring classified government and military memos and emails. While this is to be expected from Russia, considering its position vis-à-vis NATO (of which three out of the five Nordic states are members, Sweden and Finland being the exceptions), it’s interesting that Beijing is showing an interest in a region from which it is so far removed.

Interestingly, out of the five Nordics, Norway was the country which had been most targeted by cyber intrusions. In fact, almost 50 percent of all intrusions in the Nordic states were aimed at Norwegian companies. Norway also seems to be the main target of hackers based in China.

Norwegian offshore energy and defense were the most targeted sectors by attacks emanating from both Russia and China. Russia is investing heavily in Arctic oil and gas and advanced Norwegian offshore tech would definitely be useful for that purpose. Chinese hackers were apparently also interested in Norwegian energy tech. China has its own interests in developing hydrocarbons in the Arctic, as well as boosting its own capabilities via offshore oil extraction elsewhere. Furthermore, gaining information on planned concessions on Norwegian offshore oilfields would be of interest to Russian and Chinese companies that are planning on investing there.

Meanwhile, Norway has an advanced and, for a country of its size, relatively large defense industry. It largely fills a niche for NATO, developing and producing missiles and sensors. One project which might be particularly interesting to both Chinese and Russian militaries is the Naval Strike Missile/Joint Strike Missile (NSM/JSM), developed as a joint project between Norwegian arms company the Kongsberg Group and U.S. firm Raytheon. The United States and several other NATO countries have expressed interest in acquiring this missile, which is, according to Kongsberg, the only anti-ship missile which can fit inside the F-35 Joint Strike Fighter’s internal bays. Specs on this weapon will undoubtedly be of great interest to both Beijing and Moscow.

Beijing’s attempts to access classified government files and emails also merit scrutiny. Russian intrusions have also targeted government files, but this is less surprising considering Norway’s position as NATO’s “Northern Flank,” and the current tensions between NATO and Moscow in Ukraine.

The main motives behind China’s cyber-attacks are probably twofold.

First, Beijing has effectively thrown Oslo into the diplomatic deep freezer since the Norwegian Nobel Committee awarded the Peace Prize to Chinese dissident Liu Xiaobo. The CCP is probably interested in having some warning if a similar move will happen again.

Second, China is attempting to strengthen its own position in the Arctic. Beijing is eyeing the economic possibilities that might appear with the receding of the Arctic ice-shelf. Earlier this month, a PLAN squadron was spotted for the first time in the Bering Strait, perhaps an indicator of China’s interests and intentions in the region. Knowing what other Arctic actors are planning, especially one with which China has an antagonistic relationship, is definitely of interest to China.

The advent of cyberspace has only made it easier for states to follow the cardinal rule of espionage: don’t get caught. The ironic thing about espionage is that, once discovered, it often reveals quite a bit about the spying state’s intentions and anxieties.

The Diplomat:

 

 

« India Discusses Cyber 9/11 Prevention
Cyber Attacks Cost Business Over $300bn Worldwide Last Year »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Phoenix TS

Phoenix TS

Phoenix TS offers world-class management, computer, and IT security certification training courses.

KFSensor

KFSensor

KFSensor is an advanced 'honeypot' intrusion and insider threat detection system for Windows networks.

Cybernance

Cybernance

Cybernance provide an enterprise-wide, web-based software solution for managing and mitigating cyber risk based on key compliance frameworks.

Radiflow

Radiflow

Radiflow is a leading provider of cyber security solutions for critical infrastructure networks (i.e. SCADA), such as power utilities, oil & gas, water and others.

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

3Elos

3Elos

3Elos operates in the Information Technology market with a focus on research, development, consulting, marketing and implementation of Information Security solutions.

Sanderson Recruitment

Sanderson Recruitment

Sanderson is a recruitment company providing expert recruitment services in areas including Cyber & Information Security.

ISMS.online

ISMS.online

ISMS.online is a cloud software solution for fast & cost-effective implementation of an information security management system and achieve compliance with ISO 27001 and other standards.

Newtec Services

Newtec Services

IT should be responsive, adaptive, and smart. Now more than ever, you need a business that runs efficiently and can adapt to today's challenges. We can help with custom IT solutions.

HARMAN International

HARMAN International

HARMAN designs and engineers connected products and solutions for automakers, consumers, and enterprises worldwide.

MyCena

MyCena

MyCena has developed a complete system of security, control and management for decentralised credentials.

6clicks

6clicks

6clicks is an easy way to implement your risk and compliance program or achieve compliance with ISO 27001, SOC 2, PCI-DSS, HIPAA, NIST, FedRAMP and many other standards.

6WIND

6WIND

6WIND deliver virtualized, cloud-native, distributed high performance & secure networking software solutions to support new applications such as 5G, IoT, SD-WAN.

Plerion

Plerion

Plerion is an all-in-one Cloud Security Platform that supports workloads across AWS, Azure, and GCP delivering cloud security posture management, workload security, data security and more.

CyberXpert

CyberXpert

CyberXpert is your cybersecurity partner for the public and private sector in Belgium.

Nerds On Site

Nerds On Site

Nerds On Site provide on-site & in-home IT and technical support, managed IT services, and cyber security through our collaborative team of highly-trained IT and Security professionals.