Space Norway
Company Details
Linkedin ID:
space-norway
Website:
Employees number:
114
Number of followers:
8,676
NAICS:
5174
Industry Type:
Homepage:
spacenorway.com
IP Addresses:
0
Company ID:
SPA_3377786
Scan Status:
In-progress
Space Norway Company CyberSecurity Posture
spacenorway.com
Space Norway is Northern Europe’s leading satellite communications services provider and a key player in the European space industry. We provide secure and reliable satellite connectivity services to governments, public and defence sectors, commercial maritime, land-based industries, and broadcasters. Our portfolio of satellites, teleport infrastructure and sub-marine cables enables us to deliver intelligent solutions that meet the needs of clients in Europe, the Arctic, the Middle East and North Africa. Our team’s industry-leading expertise, agility and commitment to excellence allow us to respond swiftly to market demands, accelerating technological breakthroughs. Our mission is to harness space for security, research, commercial growth, and beyond. We remain at the forefront of innovation - enhancing life and expanding possibilities. The Group is owned by the Norwegian Ministry of Trade, Industry and Fisheries and represents the Norwegian Government’s strategic interests in the sector. Our subsidiaries include Space Norway Satcom AS (formerly, Telenor Satellite AS), Space Norway Heosat AS, Statsat AS and Kongsberg Satellite Services AS (KSAT). Space Norway. Space for More.
Space Norway A.I CyberSecurity Scoring
Space Norway Risk Score (AI oriented)Between 700 and 749
Space Norway
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Space Norway Global Score (TPRM)XXXX
Space Norway
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Space Norway Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Space Norway (operator of the Svalbard Undersea Cable System)
Cyber Attack
Rankiteo Explanation
Attack threatening the economy of geographical region
Description: In January 2022, Space Norway’s Svalbard Undersea Cable System the world’s northernmost subsea fiber-optic cables connecting mainland Norway to the Svalbard archipelago suffered deliberate sabotage. The damage occurred in a deep-sea section (980ft to 9,000ft depth) where cables are typically buried six feet below the seabed, yet were severed by suspected Russian hybrid warfare tactics. Norwegian police confirmed 'human impact' as the cause, while open-source investigations revealed Russian trawlers made over a dozen passes over the cable route before the outage. Though redundant systems prevented service disruption for Svalbard’s users (including critical Arctic research stations and satellite ground stations), the attack demonstrated vulnerabilities in NATO’s northern infrastructure. The incident aligned with broader Russian strategies to test allied responses, disrupt communications, and exploit undersea infrastructure as a geopolitical pressure point. No perpetrators were prosecuted due to lack of direct evidence, but the pattern mirrored other Baltic Sea cable sabotage linked to Russia’s shadow fleet, reinforcing concerns over critical infrastructure resilience in the High North.
Space Norway Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Space Norway
Incidents vs Satellite Telecommunications Industry Average (This Year)
No incidents recorded for Space Norway in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Space Norway in 2026.
Incident Types Space Norway vs Satellite Telecommunications Industry Avg (This Year)
No incidents recorded for Space Norway in 2026.
Incident History — Space Norway (X = Date, Y = Severity)
Space Norway cyber incidents detection timeline including parent company and subsidiaries
Space Norway Company Subsidiaries
Space Norway is Northern Europe’s leading satellite communications services provider and a key player in the European space industry. We provide secure and reliable satellite connectivity services to governments, public and defence sectors, commercial maritime, land-based industries, and broadcasters. Our portfolio of satellites, teleport infrastructure and sub-marine cables enables us to deliver intelligent solutions that meet the needs of clients in Europe, the Arctic, the Middle East and North Africa. Our team’s industry-leading expertise, agility and commitment to excellence allow us to respond swiftly to market demands, accelerating technological breakthroughs. Our mission is to harness space for security, research, commercial growth, and beyond. We remain at the forefront of innovation - enhancing life and expanding possibilities. The Group is owned by the Norwegian Ministry of Trade, Industry and Fisheries and represents the Norwegian Government’s strategic interests in the sector. Our subsidiaries include Space Norway Satcom AS (formerly, Telenor Satellite AS), Space Norway Heosat AS, Statsat AS and Kongsberg Satellite Services AS (KSAT). Space Norway. Space for More.
Loading...
Space Norway Similar Companies
Millicom (NASDAQ U.S.: TIGO, Nasdaq) is a leading provider of fixed and mobile telecommunications services in Latin America. Through our TIGO® and Tigo Business® brands, we provide a wide range of digital services and products, including TIGO Money for mobile financial services, TIGO Sports for loca
Axiata
AXIATA GROUP BERHAD 242188-H (199201010685) In pursuit of its vision to be The Next Generation Digital Champion, Axiata is a diversified telecommunications and digital conglomerate operating Digital Telcos, Digital Businesses and Infrastructure businesses across a footprint spanning ASEAN and Sout
Ericsson
The future of mobile isn’t on the horizon, it’s happening now. At Ericsson, we’re building the foundation for an open network ecosystem where industries, developers, and enterprises thrive. The convergence of 5G, AI, cloud, and network APIs isn’t just a technological shift; it’s a transformation th
Huawei is a leading global provider of information and communications technology (ICT) infrastructure and smart devices. With integrated solutions across four key domains – telecom networks, IT, smart devices, and cloud services – we are committed to bringing digital to every person, home and organi
Charter Communications, Inc. (NASDAQ: CHTR) is a leading broadband connectivity company and cable operator with services available to more than 57 million homes and businesses in 41 states through its Spectrum brand. Over an advanced communications network, the company offers a full range of state-o
Claro Brasil
Prazer, somos a Claro! Aqui, temos um grande time que faz tudo acontecer! É com o esforço e a dedicação de cada uma de nossas Pessoas que somos hoje referência no que fazemos, atuando unidos no nosso propósito, que é “Conectar para uma vida mais divertida e produtiva”. Somamos todas as tecnologias
Telkomsel
Connecting Nation. Accelerating Indonesia's Future. As Indonesia's leading digital telecommunications company, Telkomsel is committed to building a connected, competitive, and future-ready society. For over 29 years, we've empowered individuals, homes, and businesses with innovative connectivity an
Ooredoo Group
We are an award-winning international communications company operating across the Middle East, North Africa and Southeast Asia. Serving consumers and businesses in 10 countries, we deliver a leading data experience through a broad range of content and services via our advanced, data-centric mob
Proximus Group
Proximus Group is a provider of future-proof connectivity, IT and digital services, headquartered in Brussels. The Group is actively engaged in building a connected world that people trust, so society blooms. The Domestic segment is focused on providing state-of-the art telecommunications and IT se
.png)
Space Norway CyberSecurity News
January 20, 2026 06:57 PM
The Arctic Space Race Heats Up
Geopolitical, economic, and climate change dynamics drive the need for better satcom capabilities in the strategic Arctic region.
January 20, 2026 06:57 PM
10 Defining Moments in Space and Cybersecurity in 2025
Top space and cyber influencers look back at critical cyber events of 2025, and how these events have implications for the space industry.
December 10, 2025 08:00 AM
Kongsberg and Helsing Invest in Intelligence Constellation for Europe
European defense tech firms — Norway's Kongsberg Defence & Aerospace and Germany's Helsing — plan to build a multi-sensor satellite...
November 20, 2025 08:00 AM
Looking north: Arctic security and allied space futures
With tensions in the Arctic heating up, join us for conversations on Arctic security and the role of space-based capabilities for both...
November 07, 2025 08:00 AM
Chinese-made electric buses on Australian roads spark cybersecurity concerns after Norway flags issue
The same Chinese company that makes electric buses now under review in Denmark and Norway also has electric buses on Australian roads.
October 25, 2025 07:00 AM
Researcher: "There's a growing rivalry in space right now"
A British general says their satellites are being disrupted by other actors. A Norwegian researcher says we will see more of this in the...
October 14, 2025 07:00 AM
Space Norway Chooses Media Excel for Video Encoding Headend
Space Norway is teaming up with Media Excel to power a next-generation encoding headend for premium video distribution.
September 15, 2025 07:00 AM
Space Norway signs new launch agreement with SpaceX
Space Norway has signed a contract with SpaceX for the launch of the new communications satellite, THOR 8, into geostationary orbit.
September 11, 2025 07:00 AM
Allente Taps Space Norway for Further Broadcast Capacity
Space Norway has signed a new broadcast deal in the Nordic region with Allente, a major player in the Nordic pay-TV market, for long-term...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Space Norway CyberSecurity History Information
Official Website of Space Norway
The official website of Space Norway is http://www.spacenorway.com.
Space Norway’s AI-Generated Cybersecurity Score
According to Rankiteo, Space Norway’s AI-generated cybersecurity score is 749, reflecting their Moderate security posture.
How many security badges does Space Norway’ have ?
According to Rankiteo, Space Norway currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Space Norway been affected by any supply chain cyber incidents ?
According to Rankiteo, Space Norway has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Space Norway have SOC 2 Type 1 certification ?
According to Rankiteo, Space Norway is not certified under SOC 2 Type 1.
Does Space Norway have SOC 2 Type 2 certification ?
According to Rankiteo, Space Norway does not hold a SOC 2 Type 2 certification.
Does Space Norway comply with GDPR ?
According to Rankiteo, Space Norway is not listed as GDPR compliant.
Does Space Norway have PCI DSS certification ?
According to Rankiteo, Space Norway does not currently maintain PCI DSS compliance.
Does Space Norway comply with HIPAA ?
According to Rankiteo, Space Norway is not compliant with HIPAA regulations.
Does Space Norway have ISO 27001 certification ?
According to Rankiteo,Space Norway is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Space Norway
Space Norway operates primarily in the Satellite Telecommunications industry.
Number of Employees at Space Norway
Space Norway employs approximately 114 people worldwide.
Subsidiaries Owned by Space Norway
Space Norway presently has no subsidiaries across any sectors.
Space Norway’s LinkedIn Followers
Space Norway’s official LinkedIn profile has approximately 8,676 followers.
NAICS Classification of Space Norway
Space Norway is classified under the NAICS code 5174, which corresponds to Satellite Telecommunications.
Space Norway’s Presence on Crunchbase
No, Space Norway does not have a profile on Crunchbase.
Space Norway’s Presence on LinkedIn
Yes, Space Norway maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/space-norway.
Cybersecurity Incidents Involving Space Norway
As of January 21, 2026, Rankiteo reports that Space Norway has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Space Norway has an estimated 33 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Space Norway ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
How does Space Norway detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an incident response plan activated with nato operation baltic sentry (2024), incident response plan activated with finnish national bureau of investigation (estlink 2 case), incident response plan activated with norwegian police (svalbard cable investigation), and third party assistance with marinetraffic (ship tracking data), third party assistance with open-source intelligence (osint) for trawler movements, and and containment measures with detention of *eagle s* vessel (later released), containment measures with increased maritime patrols (nato assets), and remediation measures with cable repairs (status unspecified), remediation measures with nato-industry collaboration for infrastructure resilience, and recovery measures with swedish military exercises (counter-sabotage drills), recovery measures with enhanced surveillance of undersea cables, and communication strategy with public statements by nato secretary general mark rutte, communication strategy with media interviews with lithuanian fm gabrielius landsbergis, communication strategy with cbs news investigative reports, and enhanced monitoring with nato naval drones and aircraft patrols, enhanced monitoring with national surveillance assets (unspecified)..
Incident Details
Can you provide details on each incident ?
Title: Alleged Russian Sabotage of Undersea Cables in the Baltic Sea (2022–2024)
Description: A series of suspected sabotage incidents targeting undersea fiber optic cables in the Baltic Sea, allegedly linked to Russian hybrid warfare tactics. The cables, critical for global internet traffic, financial transactions, and military communications, were damaged in multiple instances, including drag marks from anchors and loitering vessels. Finland, Estonia, Norway (Svalbard), and other Baltic NATO members reported disruptions, with Russia denying involvement. The incidents are part of broader hybrid warfare tactics, including cyberattacks, infrastructure sabotage, and espionage, aimed at testing NATO resolve and intimidating regional populations. NATO launched 'Baltic Sentry' in 2024 to counter these threats.
Date Detected: 2022-01-07
Date Publicly Disclosed: 2022-02-00
Type: Physical Sabotage
Attack Vector: Anchor Dragging (Ships/Trawlers)Underwater Sabotage (Unconfirmed Explosives)Loitering Near Cable RoutesPlausible Deniability via 'Shadow Fleet' Vessels
Vulnerability Exploited: Shallow Depth of Baltic Sea (Ease of Anchor Damage)Unburied or Lightly Buried Cables in Steep TerrainLack of Real-Time Monitoring for Undersea InfrastructureGeopolitical Tensions (NATO Expansion, Ukraine War)
Threat Actor: Primary: Russian State-Affiliated Actors (Alleged)Secondary: ["Russian 'Shadow Fleet' Vessels (e.g., *Eagle S*)", 'Russian Fishing Trawlers (Svalbard Incident)', 'Ukrainian Citizens Linked to Russian Intelligence (Poland Rail Sabotage)']Denial: Russia denies all allegations, labeling them 'Russophobia'
Motivation: Intimidation of Baltic States and NATO AlliesTesting NATO Unity and Response CapabilitiesDisruption of Critical Infrastructure as Hybrid Warfare TacticRetaliation for Western Support of UkrainePotential Prelude to Larger Military Escalation
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Anchor Drag Marks (Physical Damage)Vessel Loitering Near Cable Routes (Reconnaissance).
Impact of the Incidents
What was the impact of each incident ?
Incident : Physical Sabotage SPA0002100112125
Systems Affected: Estlink 2 (Finland-Estonia Power/Telecom Cable)Svalbard Undersea Cable System (Norway)Unspecified Telecom Cables in Gulf of Finland
Downtime: [{'system': 'Estlink 2', 'duration': 'Partial outage (Christmas 2024)', 'restoration': 'Unknown'}, {'system': 'Svalbard Cable', 'duration': 'Jan 7, 2022 (Redundant cable prevented service loss)', 'restoration': 'Investigation closed (no evidence)'}]
Operational Impact: Reduced Interconnectivity Between Finland and EstoniaIncreased NATO Maritime Patrols (Operation Baltic Sentry)Swedish Military Exercises for Counter-Sabotage
Brand Reputation Impact: Erosion of Trust in Undersea Infrastructure ResiliencePerception of NATO Vulnerability to Hybrid Threats
Legal Liabilities: Finnish Criminal Charges Against *Eagle S* Crew (Dismissed on Appeal)
Which entities were affected by each incident ?
Incident : Physical Sabotage SPA0002100112125
Entity Name: Finland
Entity Type: Government
Industry: Critical Infrastructure (Energy/Telecom)
Location: Baltic Sea (Gulf of Finland)
Size: National
Customers Affected: Partial outage for Finland-Estonia connectivity
Incident : Physical Sabotage SPA0002100112125
Entity Name: Estonia
Entity Type: Government
Industry: Critical Infrastructure (Energy/Telecom)
Location: Baltic Sea (Gulf of Finland)
Size: National
Customers Affected: Partial outage for Finland-Estonia connectivity
Incident : Physical Sabotage SPA0002100112125
Entity Name: Norway (Space Norway)
Entity Type: State-Owned Enterprise
Industry: Telecommunications
Location: Greenland Sea (Svalbard Cable)
Size: National
Customers Affected: No service loss (redundant cable)
Incident : Physical Sabotage SPA0002100112125
Entity Name: NATO
Entity Type: Military Alliance
Industry: Defense/Critical Infrastructure Protection
Location: Baltic Sea Region
Size: Multinational
Customers Affected: Increased operational burden (Baltic Sentry)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Physical Sabotage SPA0002100112125
Incident Response Plan Activated: ['NATO Operation Baltic Sentry (2024)', 'Finnish National Bureau of Investigation (Estlink 2 Case)', 'Norwegian Police (Svalbard Cable Investigation)']
Third Party Assistance: Marinetraffic (Ship Tracking Data), Open-Source Intelligence (Osint) For Trawler Movements.
Containment Measures: Detention of *Eagle S* Vessel (Later Released)Increased Maritime Patrols (NATO Assets)
Remediation Measures: Cable Repairs (Status Unspecified)NATO-Industry Collaboration for Infrastructure Resilience
Recovery Measures: Swedish Military Exercises (Counter-Sabotage Drills)Enhanced Surveillance of Undersea Cables
Communication Strategy: Public Statements by NATO Secretary General Mark RutteMedia Interviews with Lithuanian FM Gabrielius LandsbergisCBS News Investigative Reports
Enhanced Monitoring: NATO Naval Drones and Aircraft PatrolsNational Surveillance Assets (Unspecified)
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as NATO Operation Baltic Sentry (2024), Finnish National Bureau of Investigation (Estlink 2 Case), Norwegian Police (Svalbard Cable Investigation), .
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through MarineTraffic (Ship Tracking Data), Open-Source Intelligence (OSINT) for Trawler Movements, .
Data Breach Information
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Cable Repairs (Status Unspecified), NATO-Industry Collaboration for Infrastructure Resilience, .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by detention of *eagle s* vessel (later released), increased maritime patrols (nato assets) and .
Ransomware Information
How does the company recover data encrypted by ransomware ?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through Swedish Military Exercises (Counter-Sabotage Drills), Enhanced Surveillance of Undersea Cables, .
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Physical Sabotage SPA0002100112125
Legal Actions: Finnish Criminal Case Against *Eagle S* Crew (Dismissed),
Regulatory Notifications: NATO Coordination Under Article 5 (Potential Future Trigger)
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Finnish Criminal Case Against *Eagle S* Crew (Dismissed), .
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Physical Sabotage SPA0002100112125
Lessons Learned: Undersea Cables Are Vulnerable to Physical Sabotage in Shallow Waters, Hybrid Warfare Blurs Lines Between Cyber, Physical, and Psychological Attacks, Plausible Deniability via 'Shadow Fleet' Complicates Attribution, NATO Unity Is Critical to Deterring Further Escalation, Redundant Infrastructure Mitigates Operational Impact (e.g., Svalbard Cables)
What recommendations were made to prevent future incidents ?
Incident : Physical Sabotage SPA0002100112125
Recommendations: Increase Real-Time Monitoring of Undersea Cables with AI/ML Anomaly Detection, Deepen NATO-Industry Collaboration for Infrastructure Hardening, Clarify Thresholds for Invoking Article 5 in Hybrid Warfare Scenarios, Expand Maritime Domain Awareness in the Baltic Sea, Develop Rapid-Response Protocols for Cable Sabotage IncidentsIncrease Real-Time Monitoring of Undersea Cables with AI/ML Anomaly Detection, Deepen NATO-Industry Collaboration for Infrastructure Hardening, Clarify Thresholds for Invoking Article 5 in Hybrid Warfare Scenarios, Expand Maritime Domain Awareness in the Baltic Sea, Develop Rapid-Response Protocols for Cable Sabotage IncidentsIncrease Real-Time Monitoring of Undersea Cables with AI/ML Anomaly Detection, Deepen NATO-Industry Collaboration for Infrastructure Hardening, Clarify Thresholds for Invoking Article 5 in Hybrid Warfare Scenarios, Expand Maritime Domain Awareness in the Baltic Sea, Develop Rapid-Response Protocols for Cable Sabotage IncidentsIncrease Real-Time Monitoring of Undersea Cables with AI/ML Anomaly Detection, Deepen NATO-Industry Collaboration for Infrastructure Hardening, Clarify Thresholds for Invoking Article 5 in Hybrid Warfare Scenarios, Expand Maritime Domain Awareness in the Baltic Sea, Develop Rapid-Response Protocols for Cable Sabotage IncidentsIncrease Real-Time Monitoring of Undersea Cables with AI/ML Anomaly Detection, Deepen NATO-Industry Collaboration for Infrastructure Hardening, Clarify Thresholds for Invoking Article 5 in Hybrid Warfare Scenarios, Expand Maritime Domain Awareness in the Baltic Sea, Develop Rapid-Response Protocols for Cable Sabotage Incidents
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Undersea Cables Are Vulnerable to Physical Sabotage in Shallow Waters,Hybrid Warfare Blurs Lines Between Cyber, Physical, and Psychological Attacks,Plausible Deniability via 'Shadow Fleet' Complicates Attribution,NATO Unity Is Critical to Deterring Further Escalation,Redundant Infrastructure Mitigates Operational Impact (e.g., Svalbard Cables).
References
Where can I find more information about each incident ?
Incident : Physical Sabotage SPA0002100112125
Source: Royal United Services Institute (RUSI)
URL: https://rusi.org
Date Accessed: 2024-11-00
Incident : Physical Sabotage SPA0002100112125
Source: Finnish National Bureau of Investigation
URL: https://poliisi.fi
Date Accessed: 2024-10-00
Incident : Physical Sabotage SPA0002100112125
Source: Space Norway (Svalbard Cable Operator)
Date Accessed: 2022-01-00
Incident : Physical Sabotage SPA0002100112125
Source: NATO Press Release (Operation Baltic Sentry)
URL: https://www.nato.int
Date Accessed: 2024-01-00
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: CBS NewsUrl: https://www.cbsnews.comDate Accessed: 2024-11-00, and Source: Royal United Services Institute (RUSI)Url: https://rusi.orgDate Accessed: 2024-11-00, and Source: Finnish National Bureau of InvestigationUrl: https://poliisi.fiDate Accessed: 2024-10-00, and Source: Space Norway (Svalbard Cable Operator)Url: https://spacenorway.noDate Accessed: 2022-01-00, and Source: NATO Press Release (Operation Baltic Sentry)Url: https://www.nato.intDate Accessed: 2024-01-00.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Physical Sabotage SPA0002100112125
Investigation Status: [{'case': 'Estlink 2 (Finland-Estonia)', 'status': 'Criminal Charges Dismissed (Prosecutors Appealing)'}, {'case': 'Svalbard Cable (Norway)', 'status': 'Closed (Lack of Evidence)'}, {'case': 'Polish Rail Sabotage', 'status': 'Ongoing (Suspects Identified)'}]
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Public Statements By Nato Secretary General Mark Rutte, Media Interviews With Lithuanian Fm Gabrielius Landsbergis and Cbs News Investigative Reports.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Physical Sabotage SPA0002100112125
Stakeholder Advisories: Nato Members Urged To Enhance Critical Infrastructure Protection, Baltic States Advised To Diversify Connectivity Routes, Energy And Telecom Sectors Warned Of Hybrid Threats.
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Nato Members Urged To Enhance Critical Infrastructure Protection, Baltic States Advised To Diversify Connectivity Routes and Energy And Telecom Sectors Warned Of Hybrid Threats.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Physical Sabotage SPA0002100112125
Entry Point: Anchor Drag Marks (Physical Damage), Vessel Loitering Near Cable Routes (Reconnaissance),
Reconnaissance Period: ['Svalbard Incident: >12 Trawler Passes Before Damage', 'Eagle S: Departed Ust-Luga on Day of Outage']
High Value Targets: Estlink 2 (Finland-Estonia Interconnect), Svalbard Cable (Northernmost Subsea System), Baltic Nato Members' Limited Redundancy,
Data Sold on Dark Web: Estlink 2 (Finland-Estonia Interconnect), Svalbard Cable (Northernmost Subsea System), Baltic Nato Members' Limited Redundancy,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Physical Sabotage SPA0002100112125
Root Causes: Geopolitical Tensions (Russia-Nato, Ukraine War), Physical Vulnerability Of Undersea Cables In Shallow Waters, Lack Of Unified Deterrence Against Hybrid Tactics, Plausible Deniability Via Non-State Proxy Vessels,
Corrective Actions: Nato Operation Baltic Sentry (Maritime Patrols), Finnish Appeal Of Dismissed Charges Against *Eagle S* Crew, Swedish Counter-Sabotage Military Exercises, Proposed Nato Article 5 Clarifications For Hybrid Attacks,
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Marinetraffic (Ship Tracking Data), Open-Source Intelligence (Osint) For Trawler Movements, , Nato Naval Drones And Aircraft Patrols, National Surveillance Assets (Unspecified), .
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Nato Operation Baltic Sentry (Maritime Patrols), Finnish Appeal Of Dismissed Charges Against *Eagle S* Crew, Swedish Counter-Sabotage Military Exercises, Proposed Nato Article 5 Clarifications For Hybrid Attacks, .
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Primary: Russian State-Affiliated Actors (Alleged)Secondary: ["Russian 'Shadow Fleet' Vessels (e.g., *Eagle S*)", 'Russian Fishing Trawlers (Svalbard Incident)', 'Ukrainian Citizens Linked to Russian Intelligence (Poland Rail Sabotage)']Denial: Russia denies all allegations and labeling them 'Russophobia'.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2022-01-07.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2022-02-00.
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Estlink 2 (Finland-Estonia Power/Telecom Cable)Svalbard Undersea Cable System (Norway)Unspecified Telecom Cables in Gulf of Finland.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was marinetraffic (ship tracking data), open-source intelligence (osint) for trawler movements, .
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Detention of *Eagle S* Vessel (Later Released)Increased Maritime Patrols (NATO Assets).
Regulatory Compliance
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Finnish Criminal Case Against *Eagle S* Crew (Dismissed), .
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Redundant Infrastructure Mitigates Operational Impact (e.g., Svalbard Cables).
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Deepen NATO-Industry Collaboration for Infrastructure Hardening, Expand Maritime Domain Awareness in the Baltic Sea, Increase Real-Time Monitoring of Undersea Cables with AI/ML Anomaly Detection, Develop Rapid-Response Protocols for Cable Sabotage Incidents and Clarify Thresholds for Invoking Article 5 in Hybrid Warfare Scenarios.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Space Norway (Svalbard Cable Operator), CBS News, Royal United Services Institute (RUSI), NATO Press Release (Operation Baltic Sentry) and Finnish National Bureau of Investigation.
What is the most recent URL for additional resources on cybersecurity best practices ?
Most Recent URL for Additional Resources: The most recent URL for additional resources on cybersecurity best practices is https://www.cbsnews.com, https://rusi.org, https://poliisi.fi, https://spacenorway.no, https://www.nato.int .
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is [{'case': 'Estlink 2 (Finland-Estonia)', 'status': 'Criminal Charges Dismissed (Prosecutors Appealing)'}, {'case': 'Svalbard Cable (Norway)', 'status': 'Closed (Lack of Evidence)'}, {'case': 'Polish Rail Sabotage', 'status': 'Ongoing (Suspects Identified)'}].
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was NATO Members Urged to Enhance Critical Infrastructure Protection, Baltic States Advised to Diversify Connectivity Routes, Energy and Telecom Sectors Warned of Hybrid Threats, .
Initial Access Broker
What was the most recent reconnaissance period for an incident ?
Most Recent Reconnaissance Period: The most recent reconnaissance period for an incident was Svalbard Incident: >12 Trawler Passes Before DamageEagle S: Departed Ust-Luga on Day of Outage.
.png)
Latest Global CVEs (Not Company-Specific)
Description
SummaryA command injection vulnerability (CWE-78) has been found to exist in the `wrangler pages deploy` command. The issue occurs because the `--commit-hash` parameter is passed directly to a shell command without proper validation or sanitization, allowing an attacker with control of `--commit-hash` to execute arbitrary commands on the system running Wrangler. Root causeThe commitHash variable, derived from user input via the --commit-hash CLI argument, is interpolated directly into a shell command using template literals (e.g., execSync(`git show -s --format=%B ${commitHash}`)). Shell metacharacters are interpreted by the shell, enabling command execution. ImpactThis vulnerability is generally hard to exploit, as it requires --commit-hash to be attacker controlled. The vulnerability primarily affects CI/CD environments where `wrangler pages deploy` is used in automated pipelines and the --commit-hash parameter is populated from external, potentially untrusted sources. An attacker could exploit this to: * Run any shell command. * Exfiltrate environment variables. * Compromise the CI runner to install backdoors or modify build artifacts. Credits Disclosed responsibly by kny4hacker. Mitigation * Wrangler v4 users are requested to upgrade to Wrangler v4.59.1 or higher. * Wrangler v3 users are requested to upgrade to Wrangler v3.114.17 or higher. * Users on Wrangler v2 (EOL) should upgrade to a supported major version.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L).
Risk Information
cvss3
Base: 8.1
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=space-norway' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
