Menu
Browse

Cyber Incident Victim: Grönland

Date:

Mar 2022

Location:

Greenland

Summary

A security breach was discovered on a central administration server in Greenland, prompting authorities to block all incoming and outgoing communication to and from the region to contain the incident. The blockage affected public digital services that rely on external validation, notably the Sullissivik website’s NemID login, rendering those services unavailable until the breach is investigated and resolved. Officials said they are working intensively to fix the issue and will provide an update once the investigation concludes.

CIA Posture Motives Tactics, Techniques & Procedures
Available to members 1 motive 1 technique
Threat Actors Type Location
0 actors Available to members Available to members

Description

On March 25, 2022, the Greenlandic self‑government announced that a security breach had been detected on access to one of the central administration’s servers. The breach prompted Naalakkersuisut to issue a press release stating that parts of Sullissivik and several other public websites would be taken offline. Effective immediately and continuing until the following Monday, users were unable to log in to the Sullissivik website using NemID. The decision to block all inbound and outbound communication from the central administration’s servers was made to contain and investigate the incident. The blockade was intended to protect central administration data while the breach was examined more closely. Officials said they were working intensively on remediation and would release a new status update on Monday evening.

Cyber Incident Image

The blockade affected all public digital web solutions that either retrieve data from outside Greenland or transmit data out of the territory. Consequently, citizens and businesses experienced outages on a range of online services, with some services remaining unavailable until the block was lifted. A specific example cited was the digital services on sullissivik.gl that rely on NemID for authentication, because NemID validation occurs on servers located in Denmark. While the services were inaccessible, the self‑government emphasized that the action was precautionary and aimed at safeguarding data integrity. No further details about the nature of the breach or the attackers were disclosed in the announcement. The statement concluded by noting that intensive efforts were underway to restore full functionality and that a follow‑up communication would be provided later that week.

Sources
Sources available to members
1 source