Recent reports found that a Chinese entity allegedly hacked into the systems of a leading Norwegian business software and services supplier, to steal information. This has set off alarms in the Scandinavian country.
Some Western countries, the US and UK in particular, have long been suspicious of certain elements of Chinese activity in cyberspace.
Visma, the affected Norwegian company, decided to go public against 'Cloudhopper' which has been described as a global hacking campaign conducted by the Chinese Ministry of State Security. Their aim, according to cybersecurity firm Recorded Future, is to access intellectual property and corporate secrets from the targeted firms.
Visma is a multibillion dollar managed service provider (MSP) with over 850,000 global clients. The element behind the hacking campaign has been dubbed APT10, and is called 'a Chinese state-sponsored threat actor'. Questions now loom surrounding the threat of such attacks for Norwegian stakeholders, how they stay protected, and in what ways this changes attitudes towards the Chinese.
The risks involved
Kai Roer, the CEO of security culture measurement company CLTRe AS, talks about the risks associated with hacking that targets a company’s data. “It depends on what information is leaked, to whom, and for how long. For a company like Visma, with thousands of clients and a product, it means they store critical data like accounting, payrolls, business documents and contracts.”
He says a breach that causes data to be lost would end up being 'difficult'. At the same time, the extent of risks of hacking for clients could range from having no real consequences to catastrophic ones. “For their customers, the same breach may mean nothing at all, or take them out of business,” he warns.
Keeping the guard up
Besim Ismaili, the CIO/CTO of ELA AS, CTO of Numus and an MIT-certified big data professional, stresses that campaigns like Cloudhopper are a hazard to personal information, which may be used for impersonation and other illegal activities.
“The range of risks varies from mass spamming to stealing relevant financial and health data from clients involved, both companies and persons,” he says. He also elaborates that the threat is substantial for end-clients of hacked companies.
“It starts from selling personal information for business purposes, spamming, business scams and stealing valuable financial information such as bank logins, credit cards, online profiles etc,” Ismaili continues.
He cautions that apart from stealing client information, groups like Cloudhopper could start treating the affected company as hostile. “They can demand payments, start controlling their business activity online and even worse, profit directly from the threat potential against business systems.”
Lifekeys AS CTO, Amando Abreu, also agrees that such groups pose a big risk, especially as they work in clusters. “A single well-educated hacker can do a lot of damage. Put 100 of them together in a room and you have a more serious threat than you can imagine,” he warns.
Not just the Chinese
“There are a large number of groups of hackers out to steal information and sabotage systems. This is not a uniquely Chinese thing as almost every country has its own government-controlled groups,” outlines Kai Roer.
He says the 'big guns' are pointing towards China at the moment and this is largely due to the geopolitical situation. “Western economies are feeling threatened by the Chinese economy,” he elaborates.
“In general, my assessment is that doing business with [the] Chinese is not a problem for most companies. Just like it is perfectly fine to do business with most companies in USA or Germany,” Roer adds.
From Amando Abreu’s point of view, Chinese interests are only mimicking what others have been doing for some time. “China has a common business model, which is to copy what others are doing,” he says.
“If China is now doing this, it just means they are copying what others have been doing for decades. This isn't solvable by just avoiding Chinese businesses. No one is truly safe.”
How Norway counters threats
Kai Roer says that Norway is one of the most digital societies in the world, making it the 'perfect' target. However, it also makes the systems deployed by the country more modern than others. “This often also means more secure. As a bonus, a highly digital society also means digital literacy is high, thereby increasing protection.”
Before addressing measures to stay protected, Roer emphasises that no system can be completely secure. “As technology evolves, complexity becomes an enemy of security,” he highlights. He also details the Norwegian’s government legal framework and guidelines to stay protected.
“Recently, it published the Strategy for Digital Security in which they provide direction and recommendations to follow.” In addition, Roer says the government is increasingly funding cyber activities like computer emergency response teams, network security monitors, CyFor and NorSIS, to name a few.
The reports of Cloudhopper-hacking came as a scare for Norwegian companies with valuable data to protect. However, it seems the technologically-advanced players of Norway, with the help of its government, are well placed to counter any threats.
Cybersecurity experts have concluded that it is best for business/tech entities to take their own preventive measures, rather than avoid doing business with China – especially since hacking is a global phenomenon.
We believe that information should be free and will therefore never put up a paywall.
If you like reading our reports about the Scandinavian business scene and would like to donate towards the upkeep of the site, we would be very grateful. Click here to donate.