Lessons Learned From Cyberattack on Norway’s Amedia

Posted inBusiness, Cyber Security, Technology

Norway’s largest media company, Amedia, was hit with a cyberattack that brought the news to a screeching halt.

Cyberattacks have been an ongoing problem for a very long time, but most businesses didn’t pay a lot of attention to it. Some felt that, as a small business or mom and pop shop, they would never be a target of a cyberattack. Some didn’t want to take the time to handle security, concerned more with pushing products. Others simply didn’t know enough about it to address it properly. And nearly every business on the planet is behind on patching or updating systems when fixes are released. But this was before the pandemic, before the epidemic of cyberattacks really took hold and gained traction. Now that businesses have their ears perked up, security is finally coming to the forefront. But for many, it’s too little, too late.

Such is the case for Norwegian media corporation Amedia, which was hit by a cyberattack just a few days after Christmas. The attack literally stopped the presses. An announcement on the company’s website states, “On the night of Tuesday 28 December, several of Amedia’s central computer systems were shut down. The production of online newspapers is going as normal, but no paper newspapers will be published on Wednesday. This is because systems for publishing paper newspapers, advertisements and subscription management do not work as normal.” (Their website is not natively English, the Chrome translation is what is quoted.)

As of the writing of this article, the company is still dealing with the aftermath. An update on January 4 states that they have been instructed by the authorities not to release the cause of the attack as it could benefit the hackers, so the cause is still unknown publicly. The update also states, “Amedia currently has no information that personal data has been published or misused in any way. However, all our employees and our subscribers have received updated information from Amedia about the data attack that affects them, in accordance with the duty to provide information in the Privacy Act. We work continuously to handle the situation and apologize for the inconvenience this entails for our employees and customers, says Nedregotten.  

Amedia can not see at present whether personal data is lost, published or otherwise utilized in its systems. Amedia uses external assistance to quickly and systematically detect whether hackers post or exploit data.” (Chrome translation)

The attack occurred on December 28, and almost two weeks later they still aren’t disclosing the cause of the attack. They can’t tell if any employee or customer had information compromised, but did note that potentially impacted users have been notified.

It really doesn’t matter what end of the spectrum a business falls under with regard to cybersecurity. Whether it was an afterthought, too expensive, too time consuming, whatever the reason, Amedia is showcasing not just why security matters, but why incident response matters and why backups are critical, especially for mission-critical functions. If Amedia had proper analog backups for its systems and services, the presses may not have stopped at all, or at least only for a short while before being brought back online. But they didn’t have that and now they can’t print newspapers, users cannot subscribe, subscribers cannot cancel or order anything. Some of that may be resolved at this point, but it’s a problem that had to be addressed.

Amedia is the second-largest media company in Norway, owning 50 local and regional online and printed newspapers, and the Avisenes Nyhetsbyrå news agency. Think about the impact that had on the entire country, much of which relies on Amedia in some form to get its news. Think about the cost involved in fixing the problem and mitigating further issues. Think about the lost revenue from potential customers who tried to subscribe and couldn’t, so they turned to another media outlet. The lost revenue from customers who will close their accounts after this breach. The lost revenue from ad buyers and the reparations for ad buyers whose ads did not get run as scheduled. There are plenty of other costs and implications to consider in this situation, but what’s here is enough to overwhelm anyone.

Security isn’t here just for fun, it’s not here to be pretty or show off. Security is protection. Just like celebrities have bodyguards and PR pros, businesses need cybersecurity and incident response. Threat actors do not care how big your business is, if you’ve got a lot of money or none at all. They aren’t so much after your money anymore, but the information you have in your possession. Don’t let them get the information you protect! If you don’t have cybersecurity in place or if you have it and aren’t sure it’s up to par or even if you just want a security review, bring in a third party. Hire someone to do this for you so you don’t stress out your staff by asking them to do an extra task when they are already burnt out. Bring in an expert who can tell you exactly what is happening in your company, and if something needs fixed, they can tell you how to do it.

Cyberattacks happen on a regular basis. We only hear about the big ones, but the little ones should be enough to scare us all. These attacks aren’t going anywhere anytime soon because many businesses still put security on the backburner and many businesses still operate with known vulnerabilities that even a novice threat actor can exploit. Patch your systems, update them, and make sure your security is solid before you become the next victim.

About the Author

PWV Consultants is a boutique group of industry leaders and influencers from the digital tech, security and design industries that acts as trusted technical partners for many Fortune 500 companies, high-visibility startups, universities, defense agencies, and NGOs. Founded by 20-year software engineering veterans, who have founded or co-founder several companies. PWV experts act as a trusted advisors and mentors to numerous early stage startups, and have held the titles of software and software security executive, consultant and professor. PWV's expert consulting and advisory work spans several high impact industries in finance, media, medical tech, and defense contracting. PWV's founding experts also authored the highly influential precursor HAZL (jADE) programming language.

Contact us

Contact Us About Anything

Need Project Savers, Tech Debt Wranglers, Bleeding Edge Pushers?

Please drop us a note let us know how we can help. If you need help in a crunch make sure to mark your note as Urgent. If we can't help you solve your tech problem, we will help you find someone who can.

1350 Avenue of the Americas, New York City, NY