According to the Norwegian publication News in English, the trouble lasted a little over an hour.
The hackers deployed attacks throughout the day targeting the websites of Norges Bank, Sparebank 1, Storebrand, Gjensidige, Nordea, Danske Bank and Telenor, along with those of other businesses.
It appears that the attackers leveraged a security flaw in WordPress which allowed them to drive bad traffic to the servers of the targeted victims, consisting of Evry and their customers. Evry representatives said that other methods were also used, but did not disclose the flaw that allowed the incident to occur.
Dagens Næringsliv, a Norwegian publication, reported that they received a message from Anonymous Norway claiming the attack on Norges Bank and other businesses. It seems that Norges Bank was not even aware that their website was down when the email came in.
The message read, “We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us. Sincerely, Anonymous Norway.”
It also said that “the motivation behind the current attacks and the next attacks in the future is to get the community to wake up. The number of major IT security attacks is increasing and there is nothing being done to prevent such events.”
The latest post on the Twitter account of Anonymous Norway denies responsibility for the DDoS incidents that affected Evry and DNB systems and says that script kiddies with no advanced tools are to blame.
Roar Thon, technical director of National Security Authority (NSM), confirmed that deploying a DDoS does not require computer skills or hacking experience, as he told News in English that such an attack “is possible to carry out only with a credit card and the will to destroy.” This means that anyone with money in their pockets can hire botnets to bombard the systems of a victim with junk data.