Telenor
Company Details
Linkedin ID:
telenor-group
Website:
Employees number:
22,731
Number of followers:
521,666
NAICS:
517
Industry Type:
Homepage:
telenor.com
IP Addresses:
11
Company ID:
TEL_2710109
Scan Status:
Completed
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
Telenor Vendor Cyber Rating & Cyber Score
telenor.comEMPOWERING SOCIETIES. CONNECTING YOU TO WHAT MATTERS MOST. Telenor Group is a leading telecommunications company across the Nordics and Asia with 158 million subscribers and annual sales of around NOK 99 billions (2022). We are committed to responsible business conduct and driven by the ambition of empowering societies. Connectivity has been Telenor’s domain for more than 165 years, and our purpose is to connect our customers to what matters most. We have four behaviours that guide the way we work: • Always Explore. We believe growth comes from learning every day. We’re curious and we dare to challenge, test, fail fast and pivot. • Create together. We believe diverse teams find better solutions. We seek different perspectives, share, involve and help each other succeed. • Keep promises. We believe that trust is key in all our relationships. We take ownership and pride in delivering with precision and integrity. • Be respectful. We believe in the unique human ability to understand what matters for people. We meet everyone at eye level, listen and show that we care. Telenor is listed at Oslo Stock Exchange under the ticker TEL. For more information, please visit www.telenor.com.
Telenor A.I CyberSecurity Scoring
Telenor Risk Score (AI oriented)Between 750 and 799
Telenor
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Telenor Global Score (TPRM)XXXX
Telenor
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Telenor Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Space Norway (operator of the Svalbard Undersea Cable System)
Cyber Attack
Rankiteo Explanation
Attack threatening the economy of geographical region
Description: In January 2022, Space Norway’s Svalbard Undersea Cable System the world’s northernmost subsea fiber-optic cables connecting mainland Norway to the Svalbard archipelago suffered deliberate sabotage. The damage occurred in a deep-sea section (980ft to 9,000ft depth) where cables are typically buried six feet below the seabed, yet were severed by suspected Russian hybrid warfare tactics. Norwegian police confirmed 'human impact' as the cause, while open-source investigations revealed Russian trawlers made over a dozen passes over the cable route before the outage. Though redundant systems prevented service disruption for Svalbard’s users (including critical Arctic research stations and satellite ground stations), the attack demonstrated vulnerabilities in NATO’s northern infrastructure. The incident aligned with broader Russian strategies to test allied responses, disrupt communications, and exploit undersea infrastructure as a geopolitical pressure point. No perpetrators were prosecuted due to lack of direct evidence, but the pattern mirrored other Baltic Sea cable sabotage linked to Russia’s shadow fleet, reinforcing concerns over critical infrastructure resilience in the High North.
Telenor Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Telenor
Incidents vs Telecommunications Industry Average (This Year)
No incidents recorded for Telenor in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Telenor in 2026.
Incident Types Telenor vs Telecommunications Industry Avg (This Year)
No incidents recorded for Telenor in 2026.
Incident History — Telenor (X = Date, Y = Severity)
Telenor cyber incidents detection timeline including parent company and subsidiaries
Telenor Company Subsidiaries
EMPOWERING SOCIETIES. CONNECTING YOU TO WHAT MATTERS MOST. Telenor Group is a leading telecommunications company across the Nordics and Asia with 158 million subscribers and annual sales of around NOK 99 billions (2022). We are committed to responsible business conduct and driven by the ambition of empowering societies. Connectivity has been Telenor’s domain for more than 165 years, and our purpose is to connect our customers to what matters most. We have four behaviours that guide the way we work: • Always Explore. We believe growth comes from learning every day. We’re curious and we dare to challenge, test, fail fast and pivot. • Create together. We believe diverse teams find better solutions. We seek different perspectives, share, involve and help each other succeed. • Keep promises. We believe that trust is key in all our relationships. We take ownership and pride in delivering with precision and integrity. • Be respectful. We believe in the unique human ability to understand what matters for people. We meet everyone at eye level, listen and show that we care. Telenor is listed at Oslo Stock Exchange under the ticker TEL. For more information, please visit www.telenor.com.
Loading...
Telenor Similar Companies
Spectrum
Spectrum is a suite of advanced communications services offered by Charter Communications, Inc. (NASDAQ:CHTR), a leading broadband connectivity company available to more than 57 million homes and small to large businesses across 41 states. Founded in 1993, Charter has evolved from providing cable TV
Free
Trublion historique des Télécoms, Free reste un opérateur pas comme les autres. Nous continuons de nous distinguer de nos concurrents par nos produits, par notre politique tarifaire ou encore par le ton employé avec nos abonnés. Cette différence a aussi construit la grande entreprise que nous somme
Telekom Malaysia
TM is the national connectivity and digital infrastructure provider and Malaysia’s leading integrated telco; offering a comprehensive suite of communication services and solutions in fixed (telephony and broadband), mobility, content, WiFi, ICT, Cloud and smart services. TM is driven by stakeholder
Vodafone Idea Limited is an Aditya Birla Group and Vodafone Group partnership. It is India’s leading telecom service provider. The Company provides pan India Voice and Data services across 2G, 3G and 4G platform. With the large spectrum portfolio to support the growing demand for data and voice, the
EchoStar Corporation (Nasdaq: SATS) is a premier provider of technology, networking services, television entertainment and connectivity, offering consumer, enterprise, operator and government solutions worldwide under its EchoStar®, Boost Mobile®, Sling TV, DISH TV, Hughes®, HughesNet®, HughesON™ an
Telia
Our 15 000 talented colleagues serve millions of customers every day in one of the world’s most connected regions. With a strong connectivity base, we’re the hub in the digital ecosystem, empowering people, companies and societies to stay in touch with everything that matters 24/7/365 - on their ter
Since its establishment in 1854, Telecom Egypt has played a pivotal role in driving growth within the local ICT market capitalizing on its vast infrastructure, which is one of the largest in the region. Its vast domestic and international infrastructure has helped it serve various customer groups in
TELUS
At TELUS, our purpose-driven team works together every day to innovate and do good. From providing technology solutions that make our lives safer and easier, to supporting those who need it most, our inclusive, spirited and giving people are passionate about empowering our customers, communities and
e& Egypt
Building on 17 years of technology excellence in the Egyptian market, and in our relentless quest to bring you more and better services, etisalat by e& in Egypt has now evolved into the digital telco of the future. Covering and serving 99% of the inhabited areas in Egypt, our mission as etisalat b
.png)
Telenor CyberSecurity News
March 27, 2026 10:18 AM
Telenor-Ufone's Position in the Evolving Telcos Market
Pakistan telecom market shifts in February as Jazz and Zong lose slight share while Ufone and Telenor post gradual gains.
March 24, 2026 07:35 AM
PTA Greenlights PTCL-Telenor Pakistan Merger
The Pakistan Telecommunication Authority has approved the proposed merger of Pak Telecom Mobile Limited (PTML) and Telenor Pakistan.
March 10, 2026 07:00 AM
PTA Tells NA Committee Ufone-Telenor Merger Will Happen Before March 10 5G Auction
The Pakistan Telecommunication Authority told lawmakers that the merger between Ufone and Telenor Pakistan will be completed before March 10...
February 05, 2026 08:00 AM
CelcomDigi partners with Google Firebase and Telenor Linx on APIaaS
Malaysian telco CelcomDigi said on Wednesday it is collaborating with Google's Firebase and Telenor Linx to boost its API-as-a-Service...
January 01, 2026 11:28 AM
Mudasser Shafiq Appointed as Acting Chief Financial Officer at Telenor Pakistan
As telecom consolidates, finance leaders are shifting from compliance roles to strategic partners driving governance, stability, and growth.
December 31, 2025 11:08 AM
Who is Awais Vohra, the New Telenor CEO?
Awais Naseem Vohra has been appointed as the new acting CEO following PTCL's full acquisition of Telenor which took two full years.
December 05, 2025 08:00 AM
Awais Vohra appointed as Acting CEO of Telenor Pakistan
The newly established Board of Directors of Telenor Pakistan appointed Awais Vohra as the Acting Chief Executive Officer of the company.
December 04, 2025 10:25 AM
PTA Imposes Stringent Safeguards as PTCL Gets Conditional Approval to Acquire Telenor Pakistan
PTA approves PTCL's bid to acquire Telenor Pakistan with strict conditions to protect consumers, competition and network quality.
December 04, 2025 06:45 AM
PTA Grants Conditional Nod as PTCL Accepts Terms for Telenor Pakistan Acquisition
PTA has granted conditional approval to Pakistan Telecommunication Company Limited for its acquisition of Telenor Pakistan.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Telenor CyberSecurity History Information
Official Website of Telenor
The official website of Telenor is http://www.telenor.com/.
Telenor’s AI-Generated Cybersecurity Score
According to Rankiteo, Telenor’s AI-generated cybersecurity score is 798, reflecting their Fair security posture.
How many security badges does Telenor’ have ?
According to Rankiteo, Telenor currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Telenor been affected by any supply chain cyber incidents ?
According to Rankiteo, Telenor has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Telenor have SOC 2 Type 1 certification ?
According to Rankiteo, Telenor is not certified under SOC 2 Type 1.
Does Telenor have SOC 2 Type 2 certification ?
According to Rankiteo, Telenor does not hold a SOC 2 Type 2 certification.
Does Telenor comply with GDPR ?
According to Rankiteo, Telenor is not listed as GDPR compliant.
Does Telenor have PCI DSS certification ?
According to Rankiteo, Telenor does not currently maintain PCI DSS compliance.
Does Telenor comply with HIPAA ?
According to Rankiteo, Telenor is not compliant with HIPAA regulations.
Does Telenor have ISO 27001 certification ?
According to Rankiteo,Telenor is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Telenor
Telenor operates primarily in the Telecommunications industry.
Number of Employees at Telenor
Telenor employs approximately 22,731 people worldwide.
Subsidiaries Owned by Telenor
Telenor presently has no subsidiaries across any sectors.
Telenor’s LinkedIn Followers
Telenor’s official LinkedIn profile has approximately 521,666 followers.
NAICS Classification of Telenor
Telenor is classified under the NAICS code 517, which corresponds to Telecommunications.
Telenor’s Presence on Crunchbase
No, Telenor does not have a profile on Crunchbase.
Telenor’s Presence on LinkedIn
Yes, Telenor maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/telenor-group.
Cybersecurity Incidents Involving Telenor
As of April 02, 2026, Rankiteo reports that Telenor has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Telenor has an estimated 10,042 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Telenor ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
How does Telenor detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an incident response plan activated with nato operation baltic sentry (2024), incident response plan activated with finnish national bureau of investigation (estlink 2 case), incident response plan activated with norwegian police (svalbard cable investigation), and third party assistance with marinetraffic (ship tracking data), third party assistance with open-source intelligence (osint) for trawler movements, and and containment measures with detention of *eagle s* vessel (later released), containment measures with increased maritime patrols (nato assets), and remediation measures with cable repairs (status unspecified), remediation measures with nato-industry collaboration for infrastructure resilience, and recovery measures with swedish military exercises (counter-sabotage drills), recovery measures with enhanced surveillance of undersea cables, and communication strategy with public statements by nato secretary general mark rutte, communication strategy with media interviews with lithuanian fm gabrielius landsbergis, communication strategy with cbs news investigative reports, and enhanced monitoring with nato naval drones and aircraft patrols, enhanced monitoring with national surveillance assets (unspecified)..
Incident Details
Can you provide details on each incident ?
Title: Alleged Russian Sabotage of Undersea Cables in the Baltic Sea (2022–2024)
Description: A series of suspected sabotage incidents targeting undersea fiber optic cables in the Baltic Sea, allegedly linked to Russian hybrid warfare tactics. The cables, critical for global internet traffic, financial transactions, and military communications, were damaged in multiple instances, including drag marks from anchors and loitering vessels. Finland, Estonia, Norway (Svalbard), and other Baltic NATO members reported disruptions, with Russia denying involvement. The incidents are part of broader hybrid warfare tactics, including cyberattacks, infrastructure sabotage, and espionage, aimed at testing NATO resolve and intimidating regional populations. NATO launched 'Baltic Sentry' in 2024 to counter these threats.
Date Detected: 2022-01-07
Date Publicly Disclosed: 2022-02-00
Type: Physical Sabotage
Attack Vector: Anchor Dragging (Ships/Trawlers)Underwater Sabotage (Unconfirmed Explosives)Loitering Near Cable RoutesPlausible Deniability via 'Shadow Fleet' Vessels
Vulnerability Exploited: Shallow Depth of Baltic Sea (Ease of Anchor Damage)Unburied or Lightly Buried Cables in Steep TerrainLack of Real-Time Monitoring for Undersea InfrastructureGeopolitical Tensions (NATO Expansion, Ukraine War)
Threat Actor: Primary: Russian State-Affiliated Actors (Alleged)Secondary: ["Russian 'Shadow Fleet' Vessels (e.g., *Eagle S*)", 'Russian Fishing Trawlers (Svalbard Incident)', 'Ukrainian Citizens Linked to Russian Intelligence (Poland Rail Sabotage)']Denial: Russia denies all allegations, labeling them 'Russophobia'
Motivation: Intimidation of Baltic States and NATO AlliesTesting NATO Unity and Response CapabilitiesDisruption of Critical Infrastructure as Hybrid Warfare TacticRetaliation for Western Support of UkrainePotential Prelude to Larger Military Escalation
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Anchor Drag Marks (Physical Damage)Vessel Loitering Near Cable Routes (Reconnaissance).
Impact of the Incidents
What was the impact of each incident ?
Incident : Physical Sabotage SPA0002100112125
Systems Affected: Estlink 2 (Finland-Estonia Power/Telecom Cable)Svalbard Undersea Cable System (Norway)Unspecified Telecom Cables in Gulf of Finland
Downtime: [{'system': 'Estlink 2', 'duration': 'Partial outage (Christmas 2024)', 'restoration': 'Unknown'}, {'system': 'Svalbard Cable', 'duration': 'Jan 7, 2022 (Redundant cable prevented service loss)', 'restoration': 'Investigation closed (no evidence)'}]
Operational Impact: Reduced Interconnectivity Between Finland and EstoniaIncreased NATO Maritime Patrols (Operation Baltic Sentry)Swedish Military Exercises for Counter-Sabotage
Brand Reputation Impact: Erosion of Trust in Undersea Infrastructure ResiliencePerception of NATO Vulnerability to Hybrid Threats
Legal Liabilities: Finnish Criminal Charges Against *Eagle S* Crew (Dismissed on Appeal)
Which entities were affected by each incident ?
Incident : Physical Sabotage SPA0002100112125
Entity Name: Finland
Entity Type: Government
Industry: Critical Infrastructure (Energy/Telecom)
Location: Baltic Sea (Gulf of Finland)
Size: National
Customers Affected: Partial outage for Finland-Estonia connectivity
Incident : Physical Sabotage SPA0002100112125
Entity Name: Estonia
Entity Type: Government
Industry: Critical Infrastructure (Energy/Telecom)
Location: Baltic Sea (Gulf of Finland)
Size: National
Customers Affected: Partial outage for Finland-Estonia connectivity
Incident : Physical Sabotage SPA0002100112125
Entity Name: Norway (Space Norway)
Entity Type: State-Owned Enterprise
Industry: Telecommunications
Location: Greenland Sea (Svalbard Cable)
Size: National
Customers Affected: No service loss (redundant cable)
Incident : Physical Sabotage SPA0002100112125
Entity Name: NATO
Entity Type: Military Alliance
Industry: Defense/Critical Infrastructure Protection
Location: Baltic Sea Region
Size: Multinational
Customers Affected: Increased operational burden (Baltic Sentry)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Physical Sabotage SPA0002100112125
Incident Response Plan Activated: ['NATO Operation Baltic Sentry (2024)', 'Finnish National Bureau of Investigation (Estlink 2 Case)', 'Norwegian Police (Svalbard Cable Investigation)']
Third Party Assistance: Marinetraffic (Ship Tracking Data), Open-Source Intelligence (Osint) For Trawler Movements.
Containment Measures: Detention of *Eagle S* Vessel (Later Released)Increased Maritime Patrols (NATO Assets)
Remediation Measures: Cable Repairs (Status Unspecified)NATO-Industry Collaboration for Infrastructure Resilience
Recovery Measures: Swedish Military Exercises (Counter-Sabotage Drills)Enhanced Surveillance of Undersea Cables
Communication Strategy: Public Statements by NATO Secretary General Mark RutteMedia Interviews with Lithuanian FM Gabrielius LandsbergisCBS News Investigative Reports
Enhanced Monitoring: NATO Naval Drones and Aircraft PatrolsNational Surveillance Assets (Unspecified)
What is the company's incident response plan?
Incident Response Plan: The company's incident response plan is described as NATO Operation Baltic Sentry (2024), Finnish National Bureau of Investigation (Estlink 2 Case), Norwegian Police (Svalbard Cable Investigation), .
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through MarineTraffic (Ship Tracking Data), Open-Source Intelligence (OSINT) for Trawler Movements, .
Data Breach Information
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Cable Repairs (Status Unspecified), NATO-Industry Collaboration for Infrastructure Resilience, .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by detention of *eagle s* vessel (later released), increased maritime patrols (nato assets) and .
Ransomware Information
How does the company recover data encrypted by ransomware ?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through Swedish Military Exercises (Counter-Sabotage Drills), Enhanced Surveillance of Undersea Cables, .
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Physical Sabotage SPA0002100112125
Legal Actions: Finnish Criminal Case Against *Eagle S* Crew (Dismissed),
Regulatory Notifications: NATO Coordination Under Article 5 (Potential Future Trigger)
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Finnish Criminal Case Against *Eagle S* Crew (Dismissed), .
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Physical Sabotage SPA0002100112125
Lessons Learned: Undersea Cables Are Vulnerable to Physical Sabotage in Shallow Waters, Hybrid Warfare Blurs Lines Between Cyber, Physical, and Psychological Attacks, Plausible Deniability via 'Shadow Fleet' Complicates Attribution, NATO Unity Is Critical to Deterring Further Escalation, Redundant Infrastructure Mitigates Operational Impact (e.g., Svalbard Cables)
What recommendations were made to prevent future incidents ?
Incident : Physical Sabotage SPA0002100112125
Recommendations: Increase Real-Time Monitoring of Undersea Cables with AI/ML Anomaly Detection, Deepen NATO-Industry Collaboration for Infrastructure Hardening, Clarify Thresholds for Invoking Article 5 in Hybrid Warfare Scenarios, Expand Maritime Domain Awareness in the Baltic Sea, Develop Rapid-Response Protocols for Cable Sabotage IncidentsIncrease Real-Time Monitoring of Undersea Cables with AI/ML Anomaly Detection, Deepen NATO-Industry Collaboration for Infrastructure Hardening, Clarify Thresholds for Invoking Article 5 in Hybrid Warfare Scenarios, Expand Maritime Domain Awareness in the Baltic Sea, Develop Rapid-Response Protocols for Cable Sabotage IncidentsIncrease Real-Time Monitoring of Undersea Cables with AI/ML Anomaly Detection, Deepen NATO-Industry Collaboration for Infrastructure Hardening, Clarify Thresholds for Invoking Article 5 in Hybrid Warfare Scenarios, Expand Maritime Domain Awareness in the Baltic Sea, Develop Rapid-Response Protocols for Cable Sabotage IncidentsIncrease Real-Time Monitoring of Undersea Cables with AI/ML Anomaly Detection, Deepen NATO-Industry Collaboration for Infrastructure Hardening, Clarify Thresholds for Invoking Article 5 in Hybrid Warfare Scenarios, Expand Maritime Domain Awareness in the Baltic Sea, Develop Rapid-Response Protocols for Cable Sabotage IncidentsIncrease Real-Time Monitoring of Undersea Cables with AI/ML Anomaly Detection, Deepen NATO-Industry Collaboration for Infrastructure Hardening, Clarify Thresholds for Invoking Article 5 in Hybrid Warfare Scenarios, Expand Maritime Domain Awareness in the Baltic Sea, Develop Rapid-Response Protocols for Cable Sabotage Incidents
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Undersea Cables Are Vulnerable to Physical Sabotage in Shallow Waters,Hybrid Warfare Blurs Lines Between Cyber, Physical, and Psychological Attacks,Plausible Deniability via 'Shadow Fleet' Complicates Attribution,NATO Unity Is Critical to Deterring Further Escalation,Redundant Infrastructure Mitigates Operational Impact (e.g., Svalbard Cables).
References
Where can I find more information about each incident ?
Incident : Physical Sabotage SPA0002100112125
Source: Royal United Services Institute (RUSI)
URL: https://rusi.org
Date Accessed: 2024-11-00
Incident : Physical Sabotage SPA0002100112125
Source: Finnish National Bureau of Investigation
URL: https://poliisi.fi
Date Accessed: 2024-10-00
Incident : Physical Sabotage SPA0002100112125
Source: Space Norway (Svalbard Cable Operator)
Date Accessed: 2022-01-00
Incident : Physical Sabotage SPA0002100112125
Source: NATO Press Release (Operation Baltic Sentry)
URL: https://www.nato.int
Date Accessed: 2024-01-00
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: CBS NewsUrl: https://www.cbsnews.comDate Accessed: 2024-11-00, and Source: Royal United Services Institute (RUSI)Url: https://rusi.orgDate Accessed: 2024-11-00, and Source: Finnish National Bureau of InvestigationUrl: https://poliisi.fiDate Accessed: 2024-10-00, and Source: Space Norway (Svalbard Cable Operator)Url: https://spacenorway.noDate Accessed: 2022-01-00, and Source: NATO Press Release (Operation Baltic Sentry)Url: https://www.nato.intDate Accessed: 2024-01-00.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Physical Sabotage SPA0002100112125
Investigation Status: [{'case': 'Estlink 2 (Finland-Estonia)', 'status': 'Criminal Charges Dismissed (Prosecutors Appealing)'}, {'case': 'Svalbard Cable (Norway)', 'status': 'Closed (Lack of Evidence)'}, {'case': 'Polish Rail Sabotage', 'status': 'Ongoing (Suspects Identified)'}]
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Public Statements By Nato Secretary General Mark Rutte, Media Interviews With Lithuanian Fm Gabrielius Landsbergis and Cbs News Investigative Reports.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Physical Sabotage SPA0002100112125
Stakeholder Advisories: Nato Members Urged To Enhance Critical Infrastructure Protection, Baltic States Advised To Diversify Connectivity Routes, Energy And Telecom Sectors Warned Of Hybrid Threats.
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Nato Members Urged To Enhance Critical Infrastructure Protection, Baltic States Advised To Diversify Connectivity Routes and Energy And Telecom Sectors Warned Of Hybrid Threats.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Physical Sabotage SPA0002100112125
Entry Point: Anchor Drag Marks (Physical Damage), Vessel Loitering Near Cable Routes (Reconnaissance),
Reconnaissance Period: ['Svalbard Incident: >12 Trawler Passes Before Damage', 'Eagle S: Departed Ust-Luga on Day of Outage']
High Value Targets: Estlink 2 (Finland-Estonia Interconnect), Svalbard Cable (Northernmost Subsea System), Baltic Nato Members' Limited Redundancy,
Data Sold on Dark Web: Estlink 2 (Finland-Estonia Interconnect), Svalbard Cable (Northernmost Subsea System), Baltic Nato Members' Limited Redundancy,
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Physical Sabotage SPA0002100112125
Root Causes: Geopolitical Tensions (Russia-Nato, Ukraine War), Physical Vulnerability Of Undersea Cables In Shallow Waters, Lack Of Unified Deterrence Against Hybrid Tactics, Plausible Deniability Via Non-State Proxy Vessels,
Corrective Actions: Nato Operation Baltic Sentry (Maritime Patrols), Finnish Appeal Of Dismissed Charges Against *Eagle S* Crew, Swedish Counter-Sabotage Military Exercises, Proposed Nato Article 5 Clarifications For Hybrid Attacks,
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Marinetraffic (Ship Tracking Data), Open-Source Intelligence (Osint) For Trawler Movements, , Nato Naval Drones And Aircraft Patrols, National Surveillance Assets (Unspecified), .
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Nato Operation Baltic Sentry (Maritime Patrols), Finnish Appeal Of Dismissed Charges Against *Eagle S* Crew, Swedish Counter-Sabotage Military Exercises, Proposed Nato Article 5 Clarifications For Hybrid Attacks, .
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Primary: Russian State-Affiliated Actors (Alleged)Secondary: ["Russian 'Shadow Fleet' Vessels (e.g., *Eagle S*)", 'Russian Fishing Trawlers (Svalbard Incident)', 'Ukrainian Citizens Linked to Russian Intelligence (Poland Rail Sabotage)']Denial: Russia denies all allegations and labeling them 'Russophobia'.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2022-01-07.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2022-02-00.
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Estlink 2 (Finland-Estonia Power/Telecom Cable)Svalbard Undersea Cable System (Norway)Unspecified Telecom Cables in Gulf of Finland.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was marinetraffic (ship tracking data), open-source intelligence (osint) for trawler movements, .
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Detention of *Eagle S* Vessel (Later Released)Increased Maritime Patrols (NATO Assets).
Regulatory Compliance
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Finnish Criminal Case Against *Eagle S* Crew (Dismissed), .
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Redundant Infrastructure Mitigates Operational Impact (e.g., Svalbard Cables).
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Deepen NATO-Industry Collaboration for Infrastructure Hardening, Increase Real-Time Monitoring of Undersea Cables with AI/ML Anomaly Detection, Clarify Thresholds for Invoking Article 5 in Hybrid Warfare Scenarios, Expand Maritime Domain Awareness in the Baltic Sea and Develop Rapid-Response Protocols for Cable Sabotage Incidents.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Royal United Services Institute (RUSI), CBS News, Space Norway (Svalbard Cable Operator), Finnish National Bureau of Investigation and NATO Press Release (Operation Baltic Sentry).
What is the most recent URL for additional resources on cybersecurity best practices ?
Most Recent URL for Additional Resources: The most recent URL for additional resources on cybersecurity best practices is https://www.cbsnews.com, https://rusi.org, https://poliisi.fi, https://spacenorway.no, https://www.nato.int .
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is [{'case': 'Estlink 2 (Finland-Estonia)', 'status': 'Criminal Charges Dismissed (Prosecutors Appealing)'}, {'case': 'Svalbard Cable (Norway)', 'status': 'Closed (Lack of Evidence)'}, {'case': 'Polish Rail Sabotage', 'status': 'Ongoing (Suspects Identified)'}].
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was NATO Members Urged to Enhance Critical Infrastructure Protection, Baltic States Advised to Diversify Connectivity Routes, Energy and Telecom Sectors Warned of Hybrid Threats, .
Initial Access Broker
What was the most recent reconnaissance period for an incident ?
Most Recent Reconnaissance Period: The most recent reconnaissance period for an incident was Svalbard Incident: >12 Trawler Passes Before DamageEagle S: Departed Ust-Luga on Day of Outage.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=telenor-group' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
