How To Prevent The Data Breach Suffered By The Norwegian Government
Last week, a significant data breach was announced by the Norwegian government. It was discovered that 12 government ministries had fallen victim to a hack that exploited a “zero-day” vulnerability (i.e., a previously unknown exploit, cataloged as CVE-2023-35078). The vulnerability was in one of the government’s third-party platforms, @Ivanti’s mobile endpoint management system, which allows users to access the Norwegian government network. By exploiting the vulnerability, attackers could remotely access users’ information, including emails, without requiring credentials.
The breach only came to light when unusual data traffic was detected, raising a red flag. It remains unclear who is responsible for the hack; however, it is worth noting that a recent attack in Norway was attributed to Russia-linked group, Killnet.
Following the incident, Ivanti released a patch to their software, which is used by thousands of other organizations. However, the Norwegian security organizations still investigate the full extent of the damage caused.
Maritime Cyber Security: Lessons from the Norwegian Government Breach
-
Update Ivanti’s Mobile Endpoint Management System: If you are currently using Ivanti’s mobile endpoint management system, it is crucial to update it immediately.
-
Implement Network Detection and Response (NDR) System: “Zero-day” attacks are particularly hard to identify as they exploit previously unknown vulnerabilities. Deploying a Network Detection and Response (NDR) system with real-time Detection (IDS) and anomaly detection capabilities can help detect and respond to such attacks promptly.
-
Segregate Sensitive Information and Manage User Access: To minimize the potential damage in the event of a breach, it is essential to segregate sensitive information and carefully manage user access credentials. This approach prevents unauthorized access to critical data and limits the scope of a potential breach.
Contact us to learn how Cydome can help you prevent such unknown maritime cybersecurity vulnerabilities with real-time anomaly detection.
