Hackernoon logoWhy is Cybercrime So Prevalent in Prosperous Scandinavia? by@david.w.balaban

Why is Cybercrime So Prevalent in Prosperous Scandinavia?

David Balaban Hacker Noon profile picture

@david.w.balabanDavid Balaban


Despite its utopian reputation, Scandinavia is a cyber battlefield with data breaches and malware campaigns wreaking havoc.

In addition to geographic, historical and cultural ties, another noteworthy hallmark shared by Scandinavian countries is the ubiquitous digitalization of their economies and the citizens’ day-to-day activities.

This region boasts some of the highest Internet penetration rates across the board, reaching 97%. Moreover, Sweden and Norway rank the second and third in the world by average connection speeds, respectively. The large-scale deployment of fiber optic and LTE infrastructure ensures that even people living on remote islands have unrestricted access to top-notch technologies.

If you put two and two together, you get a juicy potential target for malicious actors. Being in the spotlight of cybercriminals is a major, yet inevitable flip side of the tech progress and welfare. The fact that people and businesses in Scandinavia heavily rely on big data and connectivity means that online adversaries have a lot to steal, defraud or even hold for ransom.

How big is the issue?

According to a recent data breach survey, 21% of Norwegian businesses suffered incidents involving viruses and malware throughout 2017. Two out of three companies in Denmark were reportedly subject to attempts of cyber attacks in 2017, with more than 10% of those incursions being successful. The scope of malicious digital raids in Sweden has grown so big over the past few years that cybersecurity became a priority component of the country’s national security policy in 2018. It comes as no surprise that the adverse tendency is starting to give Scandinavian businesses and governments a heads-up.

Cybercrime trends in Scandinavia

The region isn’t homogeneous in terms of the vectors of malicious online activity. In Denmark, different forms of malware dominate the threat landscape. One such sample dubbed Mazar has been circulating within the country via booby-trapped links arriving at Android devices in text messages. When on board, the culprit eavesdrops on the victim’s web surfing information and steals sensitive data, including passwords and e-banking details.

CEO frauds and investment scams are amongst Norway’s biggest concerns in the security context. The victims are lured into investing in a new startup or cryptocurrency ICO (initial coin offering) with allegedly high returns. Having raised the funds, the crooks vanish without a trace. Another common tactic is to impersonate a company’s executive by hacking their email account and then dupe the staff into transferring funds to a rogue destination.

Phishing is the scourge of the cybersecurity realm in Sweden. Its peculiar type referred to as “vishing” has been gearing up for a rise lately. The con artists cold call users while passing themselves off as representatives of a reputable company, such as Microsoft, and offer “tech support assistance”. They ask the target user to allow a session of remote connection to their computer, only to pilfer private data or install viruses.

On top of that, major data breaches are the common denominator in Scandinavia’s cyber threat ecosystem. These incidents are massive when it comes to the victim count, and the consequences are potentially devastating.

Notorious incidents

Here’s a lowdown on some of the large-scale breaches and malware outbreaks with “Nordic” flavor that have incentivized Scandinavian countries to bolster their cybersecurity practices.

· In early January 2018, a hacking crew compromised the medical records of more than half of Norway’s population. The adversaries targeted an entity called Health South-East RHF, which provides healthcare services in 18 counties, including the capital city Oslo. The organization’s authority spans about 3 million Norwegians, with the country’s total population being 5.2 million citizens.

By the time the IT personnel identified anomalous traffic patterns, the data leak was in full swing, exposing numerous customers’ personal information. Analysts claim the malefactors may take advantage of this data by orchestrating successful future frauds that will appear highly trustworthy.

· A serious data leak incident in Sweden hit the headlines in September 2017. A group of threat actors had allegedly defrauded several dozen businesses, financial institutions and individuals of 40 million kronor (worth about $5 million). The felons sent phishing emails with trojanized attachments to potential targets, which included law firms, government departments, and four banks. The high-profile victims that got on the hook were the country’s leading Swedbank and the Swedish Prison and Probation Service.

The malicious email attachment contained obfuscated code that enabled the hackers to access the host computers and send payments to their own accounts, some of which were in Hong Kong and Kosovo. In the aftermath of the incident, eight suspects were apprehended for the breach and faced trial.

· Back in December 2011, a hacker gang calling themselves “Team Appunity” compromised the database of Hemmelig.com, Norway’s major sex services website. The hacktivists ended up making the list of 26,000 “clients” publicly available.

This shaped up to be a predicament for some Norwegian politicians, celebrities, business leaders, military officers and other representatives of the national elite who turned out to have registered accounts with the embarrassing online marketplace. In an anonymous commentary to local media, the attackers said the service wasn’t well secured, and it took them mere minutes to hack it.

· A hacking group dubbed “Noria” breached the Twitter profile and two email accounts of Anders Breivik Behring, the infamous mass murderer who killed 77 people in Norway in July 2011. Despite the society’s generally approving reaction to this hack, it put the validity of important evidence regarding the tragedy at risk. Norwegian law enforcement agencies tracked down and arrested five members of the group aged 17 to 21 in December the same year.

The punishment is no big deal

The Scandinavian penal codes aren’t too severe in terms of cyber offenses. In Norway and Sweden, most of these crimes entail a penalty not exceeding two years of imprisonment. In the international context, that’s not the worst-case scenario for computer criminals. Just to illustrate the difference, the provisions of the U.S. Computer Fraud and Abuse Act (CFAA) sanction up to five years in jail for first offense and 10-20 years for second offense.

In practice, the punishment for cybercrimes in Scandinavia can be much milder. This was the case with a Swedish Transport Agency official who was fined half of her monthly salary for negligently leaking the personal data of millions of citizens to foreign third-party contractors. Obviously, the laws aren’t much of a restraint for cybercrooks in the region.


Although life in Scandinavia seems quiet and hassle-free on the outside, the region is a cyber battlefield with data breaches and malware campaigns wreaking havoc off and on. It’s probably not by chance that the plot of “The Girl with the Dragon Tattoo” movie, where the main character is an outcast computer hacker, takes place in Sweden.

As the existing security practices don’t appear effective enough to thwart the epidemic, the governments are working on strategic plans to make the defenses more proactive. Meanwhile, users and businesses should stay vigilant when it comes to telltale signals of malicious activity, such as social engineering and spam-based malware distribution. Data in transition can be encrypted and protected when using reliable VPN services Also, leveraging two-factor authentication to protect online accounts is definitely worthwhile as it can stop hackers in their tracks.


Join Hacker Noon

Create your free account to unlock your custom reading experience.