More than 50 companies in Norway’s energy sector have been targeted in recent data sabotage attempts in one of the biggest cyber attacks to have hit the country’s oil and gas industry, according to the National Security Authority (NSA).
The agency has now issued warnings to a total of 300 companies in the sector, including state-owned giant Statoil, over the risk from the attacks in which virus software in e-mails sent to employees is used to target security holes in corporate data systems.
If an e-mailed attachment is opened, a destructive programme is unleashed that seeks out security holes that can then be used as a communications channel through which hackers can gain access to a company’s data system.
This enables them to install so-called Trojans and other viruses that can be used to steal key information, obtain log-in data or disrupt important control systems.
Such information can include contracts, project data, patents and business leads and opportunities.
A spokesman for Statoil, quoted by Norwegian business daily Dagens Naeringsliv, confirmed it had been warned about the attacks by the NSA and is checking its systems as a matter of routine.
The malware being used has been identified as Crouching Yeti, which is capable of disrupting power supply systems, according to the paper.
The group behind the programme, which is similar to other variants such as Energetic Bear, is believed to have carried out similar attacks on the energy sectors of other countries.