Norwegian security authorities say a “criminal pro-Russian group” is behind a distributed denial of service (DDoS) attack that targeted Norway’s secure data network and disrupted public and private websites for some 24 hours.
A DDoS attack occurs when a threat actor attempts to disrupt a website, server, or similar target through the use of botnets, a cluster of remotely-controlled computers capable of creating ‘zombie networks’ that overwhelm and disable the targeted device.
The Norwegian National Security Authority (NSM) is tasked with the matter and is presently “working to find out whether there is a link with state-sponsored actors,”NSM Chief Sofie Nystroem told TV2.
The attack is believed to be retaliation for Norway blocking the transit of Russian supplies–including food, medical goods, and building supplies–to an Arctic Russian coal-mining settlement.
Moscow has asserted that Oslo is exhibiting hostility by interfering in the delivery of vital supplies to the Russian Consulate General in Svalbard.
Nystroem said the attacks “give the impression that we are a piece in the current political situation in Europe.”
Authorities highlighted that although similar attacks have targeted infrastructure in other countries, ”none of them have produced any lasting impact.”
"We are quite certain that no sensitive information was taken,” the NSM chief said.
Norwegian Prime Minister Jonas Gahr Støre told Associated Press reporters that, to his knowledge, the DDoS attack “has not caused any significant damage.”
The website of the Norwegian Labour Inspection Authority was among those targeted.
Norway’s claim comes on the heels of a recent DDoS attack carried out against Lithuania by hacker collective Killnet.
“The main targets are state institutions, transport institutions, media websites,” said deputy Defense Minister Margiris Abukevicius.
A Killnet spokesperson told Reuters that the attacks will continue as long as Lithuania blocks the transit of select goods to Russia’s Kaliningrad exclave.
"We have demolished 1652 web resources," the hacker collective said. "And that's just so far."
DDoS attacks using ransomware have become more common in the past several years, and criminals are now adopting artificial intelligence and machine learning methods that exploit certain behaviors of a target.