One of the Microsoft Exchange exploit victims - the Norwegian parliament (Storting). This is the second time it has been hacked in half a year
スレッド
会話
![](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="48" height="48"><rect fill-opacity="0"/></svg>)
返信先: さん
What we know is that information has been extracted (of course), and they have contacted NSM and reported the case to the police
1
3
10 organizations in Norway are known to be hit, and as of Sunday we 269 Norwegian Exchange servers were known to be unpatched.
1
1
3
There's now a press-conference with the president of the Storting (kinda like a president of congress), and director of the Storting (who's in charge of the administrative functions and is a sec to the pres of Storting)
1
3
atm they are not sure about the impact, but say it's bigger and more complex than the attack a couple of months ago
1
3
"This an attack on our democracy", "The attack hits us at the core of our values"
1
1
4
DirStorting describing it as an 0-day (which could indicate the timing of the attack) (we'll come back to this)
1
3
atm there's no indication of connection with the previous attack
1
3
Timeline:
March 2nd - MSFT goes public re exploit
3rd - patch available and installed by Storting
5th - Storting receives alert from NSM about irregular traffic against Storting systems
1
2
3
5th - NSM goes public about attacks against Norway
8th (late) - Storting receives verification that data had been extracted
NSM involved in analyzis and counters
1
3
Forced password resets for all reps and emps (yay)
1
3
DirStort stating that they could not have avoided the attack and that they weren't alone
1
3
NRK asking why the email-system was used after friday
1
1
3
One bit of good news - this system wasn't used for classified materials
6
![](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="240" height="132"><rect fill-opacity="0"/></svg>)
![](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24"><rect fill-opacity="0"/></svg>)
![](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="120" height="91"><rect fill-opacity="0"/></svg>)
![](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="240" height="133"><rect fill-opacity="0"/></svg>)