Supo also combats cyber espionage
Preventing the exploitation of IT vulnerabilities requires continuous data security work. Even though cyber espionage has emerged as a new threat, this does not diminish the importance of human intelligence.
Cyber espionage is a potent and inexpensive way to access a significant volume of information that is intended to be confidential. The target of a cyber espionage operation will not necessarily be aware of this activity.
Supo is also responsible for combating the online espionage of foreign powers. One aim is to increase public awareness of online threats, and Supo accordingly works to prevent cyber espionage by such means as arranging training for people who maintain critical infrastructure, for businesses involved in ensuring emergency supplies, and for key staff members in central government.
Cyber espionage can target individuals
State-run cyber espionage operations may involve hacking into information systems via a technical vulnerability, or exerting pressure on dependent hardware or software suppliers to access the data of their foreign customers with a view to obtaining confidential information.
Preventing the exploitation of IT vulnerabilities requires continuous data security work and a realistic security architecture. The risk associated with hardware or software supplied from countries that actively engage in espionage targeting Finland must be managed from the initial procurement stage.
Everyone working in a significant position and handling important information should appreciate that they may become a target of the intelligence operations of a foreign power. State-sponsored operators may also focus their cyber espionage campaigns on private individuals and public servants.
Even though cyber espionage has emerged as a new threat, this does not diminish the importance of human intelligence. With basic intelligence now obtained more efficiently from information systems, it has become possible to target human intelligence more precisely.
- The focus of espionage shifted to the online environment in an exceptional year (Supo Year Book 2020)
It is worthwhile to ensure the information security of your network devices
Supo has observed that the intelligence services of authoritarian states have been exploiting network devices and servers of Finnish individuals and businesses in cyber espionage operations.
It pays to review the passwords and information security settings of routers and other devices connected to your network at home. Home routers and network storage systems are the most typical hacked hardware devices, but also cameras and different home appliances can be connected to the Internet.
You can find practical information on how to improve the information security of your network devices from the National Cyber Security Centre’s web page.
Cyber security is a joint effort of multiple public authorities
While Supo combats state-sponsored cyber espionage, several other public authorities are working in the field of cyber security. The National Cyber Security Centre of the Finnish Transport and Communications Agency (Traficom) investigates information security incidents and oversees and maintains cyber security situation awareness.
The National Bureau of Investigation (NBI) and local police departments investigate cybercrimes, such as network traffic interference, online extortion or malicious hacking. The Defence Forces also combat military cyber threats.
Collaboration is also ongoing with the business community, telecom operators, Internet service providers and universities.