– We immediately chose to remove all services, following the recommendation of national security authorities. We didn’t have the necessary security update, and there could be a risk that the systems vulnerability could be exploited, says Frode Nordfjellmark, Press Officer at NRK’s Brønnøysund Records.
On Friday, a serious security flaw was discoveredti a logging tool called Apache Log4j.
“The tool is used by many Java-based applications and services, is easy to exploit, and will give attackers full control over affected systems,” writes the National Security Authority (NSM) on its website.
On Sunday at 6:30 p.m. Brønnøysund registers can inform that they have a large part of their systems in place.
– Now only our online hearing service is unavailable, says Frode Nordfjellmark.
Worked on the bug since Friday
According to NSM, the system vulnerability is described as particularly critical for several reasons. The bug affects everything integrated and recorded by the Log4j tool.
The case was first mentioned by Dagens Næringsliv.
The error affects thousands of businesses and businesses around the world. Including parts of the Altinn and Brønnøysund registers.
-VYou worked on it all weekend. Much has been done, but much remains, says Frode Nordfjellmark in Brønnøysund records.
– When do you expect to be able to turn your systems back on?
-VI’m making good progress with our work and doing what we can to make it available as soon as possible.
According to NSM, this type of security flaw can be exploited very quickly.
400,000 attempts to exploit the bug
So far, there is no indication that Norwegian companies have been exploited in connection with the error. But several attempts have been made to exploit the security flaw, writes NSM.
– We don’t yet know who is trying to exploit the vulnerability, but there could be many actors. These can be criminal actors planting encryption viruses, foreign intelligence services stealing sensitive information from Norwegian authorities or government-affiliated companies, writes senior adviser Anniken Beyer Fjeld to NSM in an email to NRK.
The security company Check Point writes in an e-mail to NRK that it is closely monitoring the situation. According to them, since Friday, they have prevented more than 400,000 attempts to exploit the security flaw.
– IT and security teams need to take immediate action to protect their systems. It’s typical for something like this to happen on weekends and as holidays approach, security teams are often slower to take the necessary action, writes Erling Schackt, head of security at Check Point Norway, at NRK.
But NSM points out that it can be difficult to know if your company is affected by the error. The Log4j tool is part of several Java-based third-party software and services used by many companies.
NSM recommends all companies that use this tool to update their systems as soon as possible.