Over the past year, the cyber security threat level in Finland has remained elevated. The threat level increased in 2022 after Russia launched its large-scale attack against Ukraine.

Based on cases reported to the National Cyber Security Centre Finland (NCSC-FI) at Traficom, Finnish organisations continue to be targeted by hostile cyber activity, and the number of serious data breaches and attempted intrusions has increased. The number of serious cases investigated by the NCSC-FI has more than doubled compared with the previous year. Findings of software vulnerabilities have also increased significantly, which greatly heightens the cyber threat to society. Traficom and the Finnish Security and Intelligence Service (Supo) nevertheless continue to consider the likelihood of cyberattacks capable of paralysing society on a broad scale to be low.

Serious vulnerabilities are being exploited faster

Based on reports made to the NCSC-FI, the cyber security threat level in Finland remains elevated. Over the past year, the number of serious cases has increased significantly, and several organisations have, for example, fallen victim to ransomware attacks.

Software vulnerabilities have also become more frequent. What is particularly concerning is how quickly new vulnerabilities are being exploited in attacks. This trend marks a clear change compared with last year. 

Increasing phishing and scam messages are a growing problem

Phishing and scam messages have become a growing problem. During the past quarter, the number of scam and phishing messages reported to the NCSC-FI increased by 64 per cent. The figures are influenced by monthly fluctuations, and certain themes in scams tend to follow seasonal patterns. Bank-themed phishing messages, in particular, have become firmly established. These changes in the cyber threat landscape pose a broad challenge to society’s comprehensive security.

“For the NCSC-FI, the shift has been reflected especially in the growing number of tasks related to serious incidents. Cybercrime is international by nature, and technological development is expanding the opportunities available to criminals. It is crucial that society continues to function and that people can maintain trust in our digital society in the future as well. This requires ensuring sufficient resources for cyber security”, says Anssi Kärkkäinen, Director-General of the NCSC-FI.

Finland is well prepared for different cyber threats, but must remain vigilant

The NCSC-FI at Traficom maintains continuous situational awareness of cyber security across society and offers organisations broad support in different areas of cyber security. By analysing this information, it is possible to assess the impact of incidents and the development of the cyber security situation over the longer term. 

Director-General Kärkkäinen reminds that Finland is well prepared for a range of cyber threats, but must remain constantly vigilant. Cooperation between different sectors of society is close, and information is shared on a daily basis. In some cases, companies themselves have actively shared information on an attacker’s activities, enabling other companies in the sector to protect their operations. This serves as a good example of collaboration between businesses and the authorities.

State-sponsored cyber threat against Finland remains active

The Finnish Security and Intelligence Service (Supo) works to counter foreign states’ cyber espionage and influence operations against Finland and provides related intelligence to relevant authorities. According to Supo, the development of Russia’s cyber threat towards Finland will be shaped in particular by how Russia’s military operations in Ukraine continue. 

“When the war in Ukraine subsides or ends, Russia will be able to redirect cyber capabilities currently tied to Ukraine also against Finland", says Teemu Liikkanen, Head of Supo’s Counterintelligence Department.

Supo also assesses that China’s cyber activity targeting Finland remains active. China also makes active use of Finnish network infrastructure and poorly protected consumer devices in Finland in cyber operations directed at third countries. 

Society must be constantly prepared for changes in the threat landscape, including online

According to Director-General Kärkkäinen, all sectors of society must be prepared for changes in the threat landscape at all times. Key elements in this are information sharing, foresight and the continuous development of effective cooperation. 

"We remind organisations to continue reporting all information security incidents to us with a low threshold – whether they involve phishing messages, denial-of-service attacks or attempted data breaches. Sharing information helps us safeguard the operational reliability of critical infrastructure that is essential for national security. It is vital that the key services underpinning society – such as energy, telecommunications, healthcare and communications – remain protected and continue to function without disruption in all circumstances", says Director-General Kärkkäinen. 

Enquiries
Traficom media service, tel. +358 29 534 5648
Supo media service, tel. +358 50 402 6981, [email protected]