The Norwegian Intelligence Service, the Police Security Service, and the Norwegian National Security Authority recently published their threat and risk assessments for 2024. The reports cover a range of different threats, including cyberattacks, disinformation, espionage, sabotage, and terrorism. The three agencies call out China, Iran, North-Korea, and Russia, in addition to Islamic and right-wing extremists. At the press conference in February, Minister of Justice and Public Security Emilie Mehl stressed the need for a whole-of-nation approach to defense that spans all stakeholders–both civilian and military. With that in mind, here are my takeaways for high-risk people and organizations–in Norway and elsewhere.
Activists, dissidents, and refugees in Norway are likely to be targeted by authoritarian regimes in 2024. This may also include their family members back home. Prominent people, such as elected officials and high-net-worth individuals, are vulnerable too. The reports don’t mention news media or journalists, but I think it’s reasonable to assume that these two groups are–or can become–targets of state actors as well.
Authoritarian regimes will attempt to identify, surveil, and silence individuals with tactics of fear and repression. According to the Police Security Service, such surveillance may occur at protests and on social media. Individuals, as well as their family members, are likely to face pressure, threats, and harassment–both online and offline. I think it’s worth adding that online attacks may include sophisticated, targeted phishing; relentless social media trolling; mis- and disinformation campaigns; and use of commercial spyware. I highly recommend using Apple’s Lockdown Mode and Google’s Advanced Protection Program.
China and Iran will continue to stifle criticism of its policies and actions, both online and offline. In November, I wrote about how China targets civil society abroad with impersonation; intimidation; mis- and disinformation; attacks using DDoS, phishing, and malware; and even fake bomb threats in Oslo and The Hague. Last week, the U.S. Department of Justice charged seven members of the Chinese hacking group APT31 with “targeting U.S. and foreign critics, businesses, and political officials” for 14 years. The indictment also describes how the group in 2018 targeted the Norwegian government and Visma, a managed service provider, in response to U.S. lawmakers nominating Hong Kong’s Umbrella Movement for the Nobel Peace Prize.
Elected officials will remain targets of foreign intelligence services, they are also likely to face threats and harassment throughout the year. Last month, VG reported that a group of pro-Palestine activists had confronted the leader of the Progress Party, Sylvi Listhaug, outside her place of work. The group, unhappy with Listhaug’s support for Israel, had shouted “shame on you” and “children in Gaza are dying.” The Police Security Service is currently investigating the incident. A week later, NRK and TV2 reported that their journalists had been attacked and prevented from covering a pro-Palestine rally in Skien. The Committee to Protect Journalists has published guidelines on how reporters can stay safe while covering marches and rallies.
Pro-Russian hacktivists will continue to target Norwegian websites with denial-of-service attacks over Norway’s support to Ukraine. While past attacks have had limited success, the Norwegian Intelligence Service warns that future attacks may cast doubt on the ability of public institutions to deliver services. Earlier this year, Prime Minister Jonas Gahr Støre reiterated that Norway’s “support to Ukraine is a long-term commitment.” Cloudflare and Google both offer free services that defend news, human rights, and elections-related sites from this type of attack.
The Norwegian National Security Authority warns about the impact of rapid technological change, including the use of AI to create mis- and disinformation. The agency highlights a 2023 incident in Slovakia where fact-checkers scrambled to deal with a fake audio recording of a political candidate days before the election. False information shared at the right time, in the right way, can shape public opinion. With more than 50 countries holding high-stakes elections throughout the year, it’s even more crucial that we support fact-checking organizations such as Faktisk.no.
Other interesting mentions include: Russia’s desire to build a science center in Pyramiden, the world’s northernmost ghost town; the transition of the Arctic Council leadership from Russia to Norway; and threat actors exploiting zero-days in Ivanti last summer to target the online platform used by 12 different ministries.
I plan to write more about security for journalists and other high-risk communities this year, as part of my work with Granitt. (Feedback and ideas are always welcome!) If you have questions about how to best protect yourself and your organization, please do get in touch.