Supo also combats cyber espionage

Preventing the exploitation of IT vulnerabilities requires continuous data security work. One effect of the Russian war of aggression in Ukraine has been to highlight the importance of cyber espionage when traditional human intelligence operations have become more diffcult for Russia.

 Illsutration escalator.

Cyber espionage is a potent and inexpensive way to access a significant volume of information that is intended to be confidential. The target of a cyber espionage operation will not necessarily be aware of this activity.

Supo is also responsible for combating the online espionage of foreign powers. One aim is to increase public awareness of online threats, and Supo accordingly works to prevent cyber espionage by such means as arranging training for people who maintain critical infrastructure, for businesses involved in ensuring emergency supplies, and for key staff members in central government.

Even though Russia often tops the agenda in the feld cyber espionage, it is not the only party that seeks to spy on Western countries. China has exceptionally substantial resources for cyber 
espionage.

Cyber espionage can target individuals

State-run cyber espionage operations may involve hacking into information systems via a technical vulnerability, or exerting pressure on dependent hardware or software suppliers to access the data of their foreign customers with a view to obtaining confidential information.

Preventing the exploitation of IT vulnerabilities requires continuous data security work and a realistic security architecture. The risk associated with hardware or software supplied from countries that actively engage in espionage targeting Finland must be managed from the initial procurement stage.

Everyone working in a significant position and handling important information should appreciate that they may become a target of the intelligence operations of a foreign power. State-sponsored operators may also focus their cyber espionage campaigns on private individuals and public servants.

One effect of the Russian war of aggression in Ukraine has been to highlight the importance of cyber espionage when traditional human intelligence operations have become more diffcult for
Russia. This does not diminish the importance of human intelligence. With basic intelligence now obtained more efficiently from information systems, it has become possible to target human intelligence more precisely.

It is worthwhile to ensure the information security of your network devices

Supo has observed that the intelligence services of authoritarian states have been exploiting network devices and servers of Finnish individuals and businesses in cyber espionage operations.

It pays to review the passwords and information security settings of routers and other devices connected to your network at home. Home routers and network storage systems are the most typical hacked hardware devices, but also cameras and different home appliances can be connected to the Internet.

You can find practical information on how to improve the information security of your network devices from the National Cyber Security Centre’s web page.

Cyber security is a joint effort of multiple public authorities

While Supo combats state-sponsored cyber espionage, several other public authorities are working in the field of cyber security. The National Cyber Security Centre of the Finnish Transport and Communications Agency (Traficom) investigates information security incidents and oversees and maintains cyber security situation awareness.

The National Bureau of Investigation (NBI) and local police departments investigate cybercrimes, such as network traffic interference, online extortion or malicious hacking. The Defence Forces also combat military cyber threats.

Collaboration is also ongoing with the business community, telecom operators, Internet service providers and universities.