Computer crime in Norway
Mostly, when you read about computer crime, the numbers are from USA, or Russia. Or the numbers are saying how much Russia keeps on hacking people in the United States, or infecting them with evil Ransomware viruses. For norwegians, we read about this in both English and Norwegian.
For the last couple of decades, norwegians have become almost fluent in english, this means that we often read articles in english about the english speaking world.
In the english world, we keep hearing about data breaches in american companies. But what about Norway? Are there a lot of data breaches in Norway, why or why not?
For some (read: one or two) of the sources I could find online, it seems like the authors take the world of computer crime in their threat analysis. Instead of considering the threats in relation to norwegian culture, language and the data norwegian companies hold. Also, there are long discussions about black markets instead of the threat of ransomware, which is relevant to everyone, no matter what data they hold, as long as it is important to them.
This seems to suggest that norwegian computer crime write-ups are for and by the authorities in Norway.
The threats to norwegian companies and individuals are mostly the same as for the rest of the world. The difference is that our data holds a different value. Card data is hard to use outside of Norway while the cardholder is in Norway (card companies would block the card). Norwegian “social security” numbers are not very relevant outside of Norway. Norwegian companies’ data is in Norwegian, so not very useful to anyone not able to read the language.
This all boils down to; breaching norwegian companies or individuals is mostly relevant to norwegians. Except for in the case of ransomware.
I have not seen a lot of reporting on cases of ransomware in Norway. I’ve seen a few reports on ransomware specifically targetting norwegians, which is mostly phishing mails in Norwegian would-be from norwegian banks, post office, etc.
There was also a report on a county (“fylkeskommune” in Norwegian) that was hit by ransomware, but the key point here is that it was not targetted, neither to that county nor norwegians. It was a ransomware that one of the employees had “caught” on one of his memory sticks after travelling to Latvia.
It seems that, for the moment, norwegian companies are not much targetted for attacks. Maybe the big companies (like Statoil) are targetted, but they are in the international market and they have the infrastructure to defend against attacks.
There have been, for the last couple of years, some 100 breaches reported to the police, and 20 times more is estimated to have happened as well. But companies seem to not report it because they don’t believe the attacks are targeted, they don’t believe in the police’s ability to do something about it, no significant amount of data was taken/lost, or other reasons. This does seem like a lot, but nothing that appears to hit the news or affect the average norwegian, living in Norway.
