Espionage can target private businesses
Economic security is an integral part of Finland’s national security. Digitisation of the economy has diversified threats to national security.
To ward off security risks, Supo gathers intelligence on threats to the economy at the earliest possible stage.
Foreign powers may seek to apply various instruments of economic influence against Finland under the guise of business acquisitions or other investments. It is often difficult to distinguish between private and public projects, especially in countries with limited democratic accountability.
Critical infrastructure must be protected
The targets of unlawful State-sponsored intelligence operations include Finnish technological expertise or products subject to export control. Countries that actively engage in espionage often seek R&D intelligence from industries in which Finland possesses top-level expertise.
Technological progress also makes it increasingly difficult to identify dual-use items and other export-restricted products. Dual-use items are products that can be used for both civilian and military purposes.
Critical infrastructure in Finland is increasingly under private ownership. Even though enterprises can supply services efficiently, they must proportion the security of their systems to the generated revenue stream.
Privately owned infrastructure is also more prone to be purchased by foreign interests. An investment may target some part of Finland’s critical infrastructure whose sale to a foreign operator could jeopardise national security.
Digitisation has created new vulnerabilities
Expertise-related knowledge is a key production factor in Finland that increasingly features in online information systems. Systems also become more vulnerable to unlawful intelligence operations as the critical functions of society increasingly move into the virtual realm. Even though espionage still uses traditional methods, the Internet has expanded the range of available means.
Digitisation of the economy has diversified threats to national security, with new phenomena now including attacks on outsourced subcontracting or service provider chains that seek to access the information systems of the target proper.