At the Government press conference on February the 5th, Minister of Defence Tore O. Sandvik highlighted Norway’s commitment to supporting Ukraine and strengthening defence cooperation with its allies. He referred to Russia’s willingness to resort to sabotage and other covert measures to obstruct Western military support for Ukraine.
Minister of Justice Astri Aas-Hansen pointed out the need to strengthen society’s resilience and awareness against threats such as terrorism, espionage and cyberattacks. She called for increased cooperation between public and private actors to protect the nation’s security.
Challenging
Reports from NIS, NSM and PST give businesses insights into managing the threat landscape and implementing risk mitigation measures. This year’s reviews indicate a persistently challenging security policy situation.
Norway is an important supplier of gas and energy to Europe, and the infrastructure on the continental shelf and the onshore facilities are of interest to foreign states. PST notes that the threat landscape will be characterised by national intelligence activities, influence and sabotage through the use of proxy actors. The petroleum industry is particularly exposed to espionage and sabotage of subsea cables, gas pipelines, facilities and installations. The consequences of such actions can be significant for both the industry and national security.
Likely
To emphasise the threat to the petroleum industry, Fokus 2025 reports that: “Particularly serious is the threat to communications cables linking Europe and the USA and to energy supplies such as gas pipelines.” In its national threat assessment, NTV 2025, PST considers it: “likely that Russia may find it beneficial to carry out sabotage actions against targets in Norway in 2025. They also assess that Norwegian-owned energy infrastructure could be the target of such actions in the coming year.”
Furthermore, the PST emphasises that Russia poses the greatest threat within maritime covert intelligence activities. The petroleum sector has experienced a variety of incidents, such as drone activity and vessels operating close to facilities or subsea infrastructure. This type of action can be carried out to survey emergency preparedness and crisis management." The Norwegian Ocean Industry Authority (Havtil) supports the industry and follows up incidents.
In its threat assessment, Risiko 2025, NSM stresses the importance of turning words into action.
“Critical infrastructure, such as fibre-optic cables, power lines and gas pipes, are types of assets that we will never be able to fully secure. Along with security measures, it is therefore equally important to provide backup solutions and good repair capacity.” “NSM recommends prioritising backup solutions and resilience, monitoring and detection measures, and practising contingency plans.”
Persistent
This year’s risk and threat assessments also emphasise the persistent risk associated with cyberspace and the need for continuous development of measures and awareness.
NSM states that, globally, the number of exploited zero-day vulnerabilities increased by 50% over the previous year. The rise in exploited zero-day vulnerabilities, paired with the decreasing time from when a vulnerability is identified to when it is actively exploited, means that an enterprise’s ability to systematically identify and quickly close digital vulnerabilities is becoming increasingly important. Living off the land (LOTL) techniques are also highlighted as a growing threat to the digital domain. In this scenario, the attacker uses legitimate existing tools within the digital infrastructure they have broken into to carry out an attack. The use of such techniques emphasises the need for a holistic security approach, in which increased vigilance and plans to manage such threats, also on an operational level, are important.
Developing
Artificial intelligence (AI) is also pointed out as a developing tool – including for malicious actors both with and without in-depth technical expertise.
“Artificial Intelligence (AI) has increased in popularity and accessibility over the past few years. The opportunities arising from progress in AI are significant, while the opportunities for malicious use of the technology are increasing similarly”
Risk
AI is increasingly used for cyberattacks and to identify vulnerabilities in systems. This is happening at the same time as the information assets from the industrial ICT systems are being made available in the cloud, to facilitate the increasing use of AI in the industry. In 2024, Havtil found that vulnerabilities in the security solutions are particularly exposed – this also applies to the solutions intended to provide necessary protection for remote access.
Threat actors often seek the easiest way in. NSM observes that: “Insider risk is real, and preventive measures must be prioritised. Day-to-day security management is key to reducing insider risk.” Preventive measures must be prioritised to reduce the risk of insiders and to secure assets.
Vulnerabilities
Complex supply chains mean that, increasingly, vulnerabilities at suppliers constitute vulnerabilities for companies. This means that supplier assurance through good qualification routines, monitoring and sharing with suppliers is gaining greater focus.
NSM emphasises the importance of security in procurement processes. It is important to clarify the security needs associated with procurement and detect vulnerabilities in the processes.
Risk mitigation
This requires an overview of one's own assets, an understanding of the significance of these assets for value chains and one's own operations, an understanding of the threat landscape, and an assessment of vulnerabilities and dependencies. Necessary risk mitigation measures must be implemented."
Recent years have shown that the threat picture has changed, and the threats facing businesses and the industry are complex. This is also recognised in this year’s reports. A good understanding of one’s own value chains and the threat situation provides the petroleum industry with a solid foundation for implementing necessary safeguards and security measures, and further strengthening protection of the companies.