Cyber Incident Victim: DNB
Date:
Jul 2014
Location:
Norway
Summary
A distributed denial-of-service (DDoS) attack was launched against multiple major financial institutions and organizations in Norway, including the country's largest financial services group, DNB. The attack, claimed by Anonymous Norway, disrupted online services and caused difficulties for customers. The attackers exploited a security flaw in WordPress to drive bad traffic to the targeted servers. The incident highlighted the vulnerability of critical infrastructure to cyber attacks and the need for robust security measures.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
A significant cyber incident occurred in Norway, targeting multiple major financial institutions and organizations. The attack, which was claimed by a group identifying themselves as Anonymous Norway, resulted in disruptions to online services and difficulties for customers. The incident highlighted the vulnerability of critical infrastructure to cyber attacks and the potential consequences of such attacks.
The attack was characterized as a distributed denial-of-service (DDoS) attack, which involves overwhelming a targeted system with traffic from multiple sources in order to render it unavailable. In this case, the attackers exploited a security flaw in WordPress, a popular content management system, to drive bad traffic to the targeted servers. This allowed them to flood the systems with traffic, making it difficult for legitimate users to access the services.
The attack affected several major financial institutions in Norway, including DNB, the country's largest financial services group. DNB reported that its website was partially down due to junk traffic affecting its systems, and customers experienced difficulties logging in. Other organizations targeted in the attack included Norges Bank, Sparebank 1, Storebrand, Gjensidige, Nordea, Danske Bank, and Telenor, Norway's largest telecommunications company.
The attackers claimed responsibility for the attack through a message sent to a Norwegian publication, Dagens Næringsliv. The message read, "We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us. Sincerely, Anonymous Norway." The message also stated that the motivation behind the attack was to get the community to wake up to the increasing number of major IT security attacks and the lack of action being taken to prevent such events.
The attack was notable not only for its scale but also for its impact on critical infrastructure. The disruption to online services caused difficulties for customers and highlighted the potential consequences of such attacks on the economy and society. The incident also raised concerns about the vulnerability of critical infrastructure to cyber attacks and the need for robust security measures to prevent such attacks.
The incident was widely reported in the media, with many outlets highlighting the potential consequences of the attack. The Norwegian National Security Authority (NSM) confirmed that the attack was a DDoS attack and stated that such attacks do not require advanced computer skills or hacking experience. According to the NSM, anyone with a credit card and the will to destroy can hire botnets to bombard a system with junk data.
The attack was also notable for the fact that it was carried out by a group identifying themselves as Anonymous Norway. Anonymous is a loose collective of hackers and activists who have been involved in numerous high-profile cyber attacks and protests in recent years. The group's motivations and goals are often unclear, but they are known for their anti-authoritarian and anti-capitalist views.
The incident highlighted the need for organizations to have robust security measures in place to prevent and respond to cyber attacks. This includes implementing measures such as firewalls, intrusion detection systems, and denial-of-service protection. Organizations should also have incident response plans in place to quickly respond to and contain cyber attacks.
The incident also raised concerns about the vulnerability of critical infrastructure to cyber attacks. Critical infrastructure, such as financial institutions and telecommunications companies, play a vital role in the functioning of modern society. Disruptions to these systems can have significant consequences for the economy and society as a whole. As such, it is essential that these organizations have robust security measures in place to prevent and respond to cyber attacks.
Overall, the cyber incident in Norway highlighted the potential consequences of cyber attacks on critical infrastructure and the need for robust security measures to prevent such attacks. The incident also raised concerns about the vulnerability of critical infrastructure to cyber attacks and the potential impact on the economy and society.