The municipality of Østre-Toten has become an accidental victim of an online criminal gang that has stolen documents and locked files.
Learn from the dramatic incident in an open interview where HP’s Director of Security, Tor Peter Abrahamsen and Roar Thun of the NSA assess the situation and explain what is important to prevent similar things from happening again.
Listen to HP’s new ‘Breach of Security’ podcast Learn how important planning and IT security are to prevent your files from being secured and stolen
In the “Security Breach” podcast, the municipality of Ostree Totten is vocal about what happened:
International criminal actors are behind this. They hacked our servers, encrypted data and deleted the backup system. I walked out early and said it would take half a year to fix this. But the consequences It took me a long time before I realized the extent of it.
Olly Magnus StensrudAnd The mayor of Auster Totten
There is a lot to learn from an incident like this where up to 10,000 documents were stolen, and while one must realize that all businesses are at risk of being hacked, good old planning and good backup solutions are still a good defense against criminals and cyber gangs. Also be aware that Norwegian companies get hacked daily, which means that many of them do a good job with security and have the equipment and experience in place.
When the hack became known, Østre-Toten had to warn its residents with an unpleasant message:
Auster-Totten municipality was hit by a computer attack in January. On March 31, the municipality received confirmation that documents containing personal data stolen in a computer attack had been posted on the “dark web”. This personal information may be misused by criminals.
Östertotten Municipality, Spring 2021
According to the mayor, it has cost more so far 32 million kroner To correct the problems that arose from the attack. Expenditures amounted to consultants, updating all software and additional data monitoring procedures.
Abrahamsen, a security expert at HP, claims that investing in IT security solutions will pay off in terms of the risks you face, as the example from Østre Toten clearly shows. Abrahamsen is proud of the municipality that dared talk about what happened, and there are plenty of lessons to be learned from that.
Østre-Toten data circulated on the “black net”
Listen to the first episode and Follow us to hear more
Episode 1 – Random Victim:
An international criminal gang broke into the computer systems of the municipality of Østre Toten and deleted everything! Suddenly the municipality returned to the era of pen and paper. What happened? Why did it happen and how can it be prevented?
Mayor Uster Totten, Ole Magnus Stensrud, National Security Agency Director Rohr Thun and HP Tour security expert Peter Abrahamsen. Program Leader: Nils Johan Halvorsen
We can only speculate how the username and password went astray.
Ole Magnus Stensrud, mayor of Öster-Totten.
There’s a lot that can go wrong with your breakthrough cooling water:
- This personal information is misleading
- Criminals are trying to defraud you
- To be identified as a beneficiary of various services from the municipality
- That health information about you becomes known
- To be known of your ethnicity
- That your union affiliation becomes known
- Make your bank account number, birth number, address or phone number known
Even charging stations stopped working
Ole Magnus Stensrud, mayor of Öster-Totten, explains that even the chargers were connected to the Internet, and six months after the attack, it was still not possible to charge the electric car:
The charging station outside the town hall is not working yet because it is connected to the network. In addition, there were several door alarms that did not work before. The digital ecosystem is very broad and we are at risk.
Ole Magnus Stensrud, mayor of Öster-Totten.
Technology selection is a security options
If you don’t have a backup, you are likely to be in a situation where you have to choose between potentially paying large sums to criminals, or considering data as lost and scattered among criminals.
There are three words that apply in computer security, and Østre-Toten has been affected by each of them: NSonfidensialite, Integritet and NSavailability (several).
Tor Peter Abrahamsen, HP security expert.
related to Secrecy Is the imminent risk that your data will be traded between criminals on the “dark web” – this could mean problems later on, possibly a competitive advantage for others in the same industry, lawsuits and more.
It will be difficult to trust the equipment that will secure the systems, if one of them is hacked. Therefore, it is important to integrity Present. What do you do next? Replaces everything or only parts of the systems? You probably see no other way than to buy everything new, and it quickly becomes very expensive.
burn for this: Availability. Remember that everything completely stopped working for the municipality when they were attacked.
“Web specialist. Lifelong zombie maven. Coffee ninja. Hipster-friendly analyst.”