Multiple distributed denial-of-service (DDoS) attacks were directed towards major banks, insurance companies and the largest telecommunications company in Norway.
According to Softpedia, the hackers claimed to be part of Anonymous Norway and started in the morning, when the country’s largest financial services group DNB announced that their website was partially down because of junk traffic affecting their systems. The hackers deployed attacks later against the websites of Norges Bank, Sparebank 1, Storebrand, Gjensidige, Nordea, Danske Bank and Telenor.
Dagens Næringsliv, a Norwegian publication, reported that they received a message from Anonymous Norway claiming the attack on Norges Bank and other businesses, saying that “the motivation behind the current attacks and the next attacks in the future is to get the community to wake up”. However, the latest post on the Twitter account of Anonymous Norway denied responsibility for the DDoS attacks and said that script kiddies with no advanced tools were to blame.
In an email to IT Security Guru, Norwegian security expert Kai Roer said that this kind of attack should have been expected by the bank and finance industry in Norway in a way. “And it should be, considering both the sectors exposure to the internet, and the nature of their industry. Not everyone likes the banking industry and their huge success, so they become natural targets,” he said.
“Because this kind of attack was sort of expected, the banks in the region have been preparing for this to happen. Over the past few years, several of Norwegian banks have built highly qualified in-house competence to deal with cyber security threats. The finance sector also created their own CERT, and both the CERT and the major banks work closely together with the government services as well as the major ISP and TelCos to handle such events.”
Roer said his advice to the banking and finance sector is to treat this event as a learning experience, go through all the plans, the execution and the holes, and identify areas to improve. “I am quite certain the attacking party will do the same. Perhaps this was just a test to force the sectors hand?”
