Why Is China Hacking Norway?

Nordic-countries-threat-activities.jpg

The FireEye analysis of threat activities revealed that the highest number of APT and malware alerts were observed in in Norway (47%), followed by Denmark (36%), Sweden (14%), and Finland (3%).

All states spy. Stealing corporate secrets and understanding what other governments are thinking and planning have often been important methods for states to get ahead of their competitors.

This May, the cyber-security company FireEye released a report on cyber-espionage aimed at the Nordic states. Some of the report’s key findings were hardly surprising. Russia and China were the two states from which most cyber-attacks originated. Defense/aerospace, energy and high-tech communications are the industries, which have been the most targeted by cyber intrusions from these two states. Considering the Nordic states’ advanced, often niche, research and development within these sectors, that’s not surprising.

However, there was also quite a lot of activity aimed at acquiring classified government and military memos and emails. While this is to be expected from Russia, considering its position vis-à-vis NATO (of which three out of the five Nordic states are members, Sweden and Finland being the exceptions), it’s interesting that Beijing is showing an interest in a region from which it is so far removed.

Interestingly, out of the five Nordics, Norway was the country which had been most targeted by cyber intrusions. In fact, almost 50 percent of all intrusions in the Nordic states were aimed at Norwegian companies. Norway also seems to be the main target of hackers based in China.

Norwegian offshore energy and defense were the most targeted sectors by attacks emanating from both Russia and China. Russia is investing heavily in Arctic oil and gas and advanced Norwegian offshore tech would definitely be useful for that purpose. Chinese hackers were apparently also interested in Norwegian energy tech. China has its own interests in developing hydrocarbons in the Arctic, as well as boosting its own capabilities via offshore oil extraction elsewhere. Furthermore, gaining information on planned concessions on Norwegian offshore oilfields would be of interest to Russian and Chinese companies that are planning on investing there.

Meanwhile, Norway has an advanced and, for a country of its size, relatively large defense industry. It largely fills a niche for NATO, developing and producing missiles and sensors. One project which might be particularly interesting to both Chinese and Russian militaries is the Naval Strike Missile/Joint Strike Missile (NSM/JSM), developed as a joint project between Norwegian arms company the Kongsberg Group and U.S. firm Raytheon. The United States and several other NATO countries have expressed interest in acquiring this missile, which is, according to Kongsberg, the only anti-ship missile which can fit inside the F-35 Joint Strike Fighter’s internal bays. Specs on this weapon will undoubtedly be of great interest to both Beijing and Moscow.

Beijing’s attempts to access classified government files and emails also merit scrutiny. Russian intrusions have also targeted government files, but this is less surprising considering Norway’s position as NATO’s “Northern Flank,” and the current tensions between NATO and Moscow in Ukraine.

The main motives behind China’s cyber-attacks are probably twofold.

First, Beijing has effectively thrown Oslo into the diplomatic deep freezer since the Norwegian Nobel Committee awarded the Peace Prize to Chinese dissident Liu Xiaobo. The CCP is probably interested in having some warning if a similar move will happen again.

Second, China is attempting to strengthen its own position in the Arctic. Beijing is eyeing the economic possibilities that might appear with the receding of the Arctic ice-shelf. Earlier this month, a PLAN squadron was spotted for the first time in the Bering Strait, perhaps an indicator of China’s interests and intentions in the region. Knowing what other Arctic actors are planning, especially one with which China has an antagonistic relationship, is definitely of interest to China.

The advent of cyberspace has only made it easier for states to follow the cardinal rule of espionage: don’t get caught. The ironic thing about espionage is that, once discovered, it often reveals quite a bit about the spying state’s intentions and anxieties.

The Diplomat:

 

 

« India Discusses Cyber 9/11 Prevention
Cyber Attacks Cost Business Over $300bn Worldwide Last Year »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Fenror7

Fenror7

Fenror7 lowers the TTD (Time To Detection) of hackers, malwares and APTs in enterprises and organizations from 300 days on average to 24 hrs or less.

Maverick Technologies

Maverick Technologies

Maverick is an industrial automation, enterprise integration and operational consulting company. Services include industrial cyber security.

Asseco Group

Asseco Group

Asseco Poland stands at the forefront of the multinational Asseco Group. We are a leading provider of state-of-the-art IT solutions in Central and Eastern Europe.

Templar Shield

Templar Shield

Templar Shield is a premier information security, risk and compliance technology professional services firm serving North America.

Cyturus Technologies

Cyturus Technologies

Cyturus Technologies delivers cybersecurity business risk quantification services using our proprietary Adaptive Risk Model (ARM).

Presidio

Presidio

Presidio is a leading North American IT solutions provider focused on Digital Infrastructure, Business Analytics, Cloud, Security & Emerging solutions.

Have I Been Pwned (HIBP)

Have I Been Pwned (HIBP)

Have I Been Pwned is a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or "pwned" in a data breach.

Citizen Lab - University of Toronto

Citizen Lab - University of Toronto

Citizen Lab focuses on research and development at the intersection of cyberspace, global security & human rights.

National Cybersecurity Consortium (NCC)

National Cybersecurity Consortium (NCC)

The NCC’s mandate is to keep Canada’s cyber and critical infrastructures and citizens safe while ensuring Canada’s global competitiveness and leadership in cybersecurity.

Sourcepass

Sourcepass

Sourcepass is an IT consulting company that focuses on providing expert IT services, cloud computing solutions, cybersecurity services, website, and application development.

ORS Consulting

ORS Consulting

ORS Consulting is a specialist provider of risk management advisory services supporting asset-intensive industries such as chemicals, energy, power and utilities, defence and maritime.

Alpha Omega Integration

Alpha Omega Integration

Alpha Omega creates new possibilities through intelligent end-to-end mission-focused government IT solutions.

Exacom

Exacom

Exacom is a leading provider of multimedia logging/recording solutions across public safety, government, DoD, energy, utilities, transportation, and security applications.

nandin Innovation Centre

nandin Innovation Centre

nandin is ANSTO’s Innovation Centre (Australian Nuclear Science and Technology Organisation) where science and technology entrepreneurs, startups and graduates come together.

White Knight Labs

White Knight Labs

White Knight Labs is a cyber security consultancy that specializes in cybersecurity training.

Telenor Cyberdefence

Telenor Cyberdefence

Telenor Cyberdefence is a newly established (2024) cloud-born Managed Security Service Provider focused on the Nordic markets.