The Norwegian company Visma has been the victim of a hacker attacks, writes Reuters. According to the news jobs the hackers for the chinese intelligence.
A representative for the company’s management describes the opposite Reuters the attack as “potentially disastrous”.
the Hackers should not have had access to some of the customers network. Visma provides services to more than 900 000 companies in Scandinavia and parts of Europe.
Trade secrets
the Company Recorded Future has published a report after investigating an allegedly hackerkampanje carried out by the chinese state-sponsored trusselaktøren APT10.
the Attack should have been directed against at least three companies in the united STATES and Europe between november 2017 and september 2018, has Recorded Future and Rapid7 revealed.
Visma Norway to be among the companies that are discussed in the report.
These hackers should, according to the news agency have been working for chinese intelligence, and the subject should have been to steal trade secrets from Vismas customers. The hackers got access to Vismas network using the stolen credentials.
Reveals: 1,5 mill. Norwegian password leaked – Severe
– It is to talk about something we have seen before, and as China has held on in many years. Industrial espionage.
It says Nupi researcher Karsten Friis, head of research group for security and defence, to Dagbladet. He boasts of Visma, who have chosen to go public and confirmed the attack.
– It is very good that they have gone all out with this. There is a known issue from the past that private companies, especially aksjenoterte companies, do not go out with such information because they fear to be harmed. But it creates a vicious circle. Therefore, it is commendable that the Visma go out with it, ” says Friis.
– industrial espionage is something China has been in a long time. This is not something pleasant, it is serious and it has happened in Norway several times, ” says Friis on.
He indicates that it do not occupy any central place in Norway with a full overview of all data traffic that goes out of the country, and, therefore, that there is often talk of luck that such an attack at all is detected.
Russia and China
Friis says one can assume that such attacks occur far more often than we are familiar with.
– Espionage has always been there, but not in the scale you see now. It is not tillitsbyggende, ” he says.
the Norwegian intelligence has repeatedly warned against the dramatic growth in digital threats to the political, military and economic goals. The intelligence services have specifically warned that the most serious digital threats will come from Russia and China.
– the Difference between China and Russia is that hackergruppene in China is much more clearly connected to the official China. In Russia, you so-called patriotic hackergrupper, which shall operate independently of the state. But there is no one who buys the bluff, think Friis.
Warns celebrities: how To protect yourself against passordtyveri Dagbladet Plus Did not get access
the Ultimate Espen Johansen in Visma says to the news agency that they discovered the attack shortly after hackers took in Vismas systems.
Through the existing security programs, the response from our security groups and good advice from our partners, we were able to prevent that client data was compromised, ” says Espen Johansen in a news release.
He says at the same time, on a general basis that Visma always report hacker attacks to the police, and would like to thank, among other things PST for your cooperation in this matter.
– But if I take on me “paranoid hat”, this could have been disastrous. A great etterretningsorganisasjon a place in the world that will collect as much information as possible, of course, go for a collected place. It says itself, ” says Johansen to Reuters.
The chinese ministry of foreign affairs has not replied to Reuters ‘ requests for a comment on the matter, but they have previously refused to stand behind the hacker attacks.
the PST involved
Visma and the Police security service has had a good dialogue on this. It is important in the preventive work that the businesses notify the Norwegian authorities, ” says Annett Aamodt, senior communications adviser in the PST.
Visma had early suspected that a state actor could stand behind, and therefore notified the PST, ” she says.
We know that the network operations as this takes place, and therefore, this openness, as Visma now has been shown important in the preventive work.
She did not want to comment about this state actor is China.
Assistance from NSM
Nasjonal sikkerhetsmyndighet (NSM) are well aware of the attack against the Visma and has assisted the company.
– We have assisted in the handling. We would like to commend the company for having handled the incident well technically and to have shown transparency, ” says communications director Mona Strøm Arnøy in the NSM, according to NTB.
She says it is important that companies are open about incidents like this.
the NSM is a national warning and koordineringsinstans for serious computer attacks and other ICT security incidents.
the Review update the case.
So is Anonymous’ cyber war against ICE