Cyber Incident Victim: Norway

On June 29, 2022, multiple large Norwegian organizations experienced distributed denial-of-service (DDoS) attacks targeting their websites and web-based services, causing significant disruptions that rendered critical online platforms inaccessible to users. The attacks were attributed to a pro-Russian criminal group, as confirmed by Norway’s National Security Authority (NSM). These incidents affected entities providing essential services to the public, though specific company names were not disclosed. NSM Director Sofie Nystrøm emphasized the deliberate nature of the attacks, noting they aligned with similar incidents observed in other countries amid heightened geopolitical tensions in Europe. The agency had proactively warned Norwegian entities in May 2022 to bolster defenses against such threats, citing the evolving security landscape. While the attacks disrupted operations temporarily, no permanent damage or data breaches were reported. NSM provided direct assistance to targeted organizations during the incident response phase.

Sporadic DDoS activity continued beyond June 29, though affected organizations rapidly implemented countermeasures to restore services and maintain normal operations. NSM reiterated the likelihood of future attacks and stressed the importance of organizational preparedness. Director Nystrøm highlighted that while comparable incidents abroad had not resulted in long-term consequences, the attacks risked amplifying public uncertainty and reinforcing perceptions of Norway’s involvement in broader European geopolitical conflicts. The agency maintained its advisory role, monitoring the situation without disclosing technical specifics of the attacks or mitigation strategies employed by victims. A press briefing featuring Nystrøm was held on June 29 at Oslo’s Havnelageret to address media inquiries, underscoring the operational transparency surrounding the incident.