Categories
Health News Safety Security

Additional measures implemented due to the COVID-19 pandemic

Due to the Coronavirus Disease 2019 (COVID-19) pandemic and the following travel restrictions enforced by the Norwegian authorities; Improbus has suspended all travel activity until further notice.

The travel- and meeting-restrictions were originally scheduled to apply from 2020-03-13 to 2020-03-26, but the Norwegian government has now extended this ban to apply until 2020-04-16.

None of Improbus’s employees are infected by the Coronavirus (SARS-CoV-2).

Nevertheless, we continue to comply with advice from both the WHO and the Norwegian authorities.

All scheduled meetings will be held as planned – but electronically – via instant messaging Telegram (chat) or encrypted VoIP.

For urgent questions or emergencies, Improbus technicians will remain available via SMS and phone at +47-94102030.

Non-urgent and non-sensitive matters should be communicated using email.

Electronic communication using Telegram is preferred.

For more information about the Coronavirus (SARS-CoV-2) and the Coronavirus Disease 2019 (COVID-19), please see WHO‘s webpages (English), Helsenorge (Norwegian), or the Norwegian Government’s homepage (“Regjeringen”) in Norwegian or English.

Categories
News Security

Successful recovery of stolen domain names

Improbus facilitated today the safe return and recovery of stolen domain names.

Two competing companies were domain name holders of domain names associated with each other’s businesses.

In connection with maintenance on the domain name services on behalf of Company A, it was discovered that one of the domain names had been illegally transferred from ISP A to ISP B, then deleted by the registry and re-registered by the registrar within milliseconds.

This action led to the unauthorized and illegal transfer of domain name ownership from Company A to Company B. The domain name hijacking and subsequent domain name theft were made possible by means of ID theft.

Information on the method used was obtained and extensively documented by Improbus, and the persons and companies involved were confronted.

Instead of a judicial process, an amicable agreement was entered into between the parties – after mediation by Improbus:

Assuming that Company B transfer domain names that were affiliated and associated with Company A – Company A would in return refrain from reporting criminal offenses (i.e., theft of domain names) to the police, as well as permit the legal transfer one of its domain names to Company B.

In this way, the normal situation was restored in an efficient, peaceful and amicable manner – without involving the prosecution authorities or the justice system.

Improbus’ handling of the incident led to a happy outcome for both parties.

Categories
Health News Safety Security

Measures implemented due to the COVID-19 pandemic

Due to the Coronavirus Disease 2019 (COVID-19) pandemic and the following travel restrictions enforced by the Norwegian authorities; Improbus has suspended all travel activity until further notice.

None of Improbus’s employees are infected by the Coronavirus (SARS-CoV-2).

Nevertheless, we comply with advice from both the WHO and the Norwegian authorities, which recommend reduced travel- and face-to-face meeting-activities.

However; all scheduled meetings will be held as planned – but electronically – via instant messaging Telegram (chat) or encrypted VoIP.

For urgent questions or emergencies, Improbus technicians will remain available via SMS and phone at +47-94102030.

Non-urgent and non-sensitive matters should be communicated using email.

Electronic communication using Telegram is preferred.

For more information about the Coronavirus (SARS-CoV-2) and the Coronavirus Disease 2019 (COVID-19), please see WHO‘s webpages (English) or Helsenorge (Norwegian).

Categories
Media News Security

Man convicted of “extensive data breach”

Man convicted of “extensive data breach” in Bergen District Court

Article from Digi / BT / NTB

A 30-year-old man in Bergen District Court has been sentenced to 14 days suspended prison for data breach by the Norwegian Public Roads Administration. The man says he wanted to develop an app.

In addition to the conditional prison sentence, the foreign man living in Bergen is sentenced to give up two hard drives and one SSD disk, writes Bergens Tidende.

The defendant wanted to develop an app that would allow contact with the owner of a motor vehicle without exchanging personal information, according to the judgment.

The man extracted information about Norwegian car owners from the Roads Administration’s website, but this went beyond what the Norwegian Public Roads Administration intended to offer of information through the service. Therefore, he is convicted of violation of section 207 of the Penal Code for burglary in computer systems.

The defendant understood that this was not how the service should be used, the court believes.

But the court also states that the information he obtained was legally obtained through a request for access.

The man’s defender, attorney Alexander Gonzalo Sele, says he and the client will go through the verdict and consider whether to appeal.

– We believe the judgment raises fundamental questions about what can be characterized as a data breach. He has retrieved information that was publicly available and that one could also find using a regular telephone directory, Sele says, pointing out that the client did not get any sensitive information.

© NTB

Source: digi.no (Article in Norwegian)

Improbus’ comments

The verdict (case number TBERG-2019-141281) is available online, in Norwegian (check Google Translate for an OK English translation).

According to the accusation (and verdict), the accused accessed publicly available web resources served by the Norwegian Public Roads Administration.

The accused then opened several browser tabs, and changed the individual URLs slightly, to see if the different http requests yielded individual, but still relevant results.

The accused allegedly then proceeded to collect the output of the respective web outputs provided by the site; storing them in a local database; one record for each http request.

Bergen District Court has ruled that even though the information gained and stored was already publicly available, nor did any damage or presented the server with a significant load of any kind – the action is still to be perceived as illegal.

Since the information from the Norwegian Public Roads Administration’s web site already was publicly available, it is obvious to think that this system behavior was intentional.

It is obvious to Improbus that what has been explained as misuse of a minor design flaw, has not been misused for evil purposes at all, but rather as a means for retrieving public data in an efficient, easy and convenient way.

If the data had been private or sensitive, the situation would have been quite different – maybe not technically or juridically, but at least ethically and morally.

It is sad to see that neither the courts nor the police able to keep up with current knowledge about the common usage of information systems.

If this really is a criminal act, it is nonetheless a victimless one.

Categories
News

Improbus acquires ICEC

Improbus has acquired ICEC; International Center for Emergency Communication.

As of today, 01.01.2019, both companies will act as one.

The companies believe that their product portfolios complement each other, especially in the areas of ​​emergency communication, security, training, and education.

Most ICEC products and services will be fully incorporated into the Improbus product portfolio within a month, while specialized courses or custom services will remain under the ICEC brand.

For more information, please contact Improbus via Telegram (chat) or email.