Authorities in Sweden and Finland have raised cyber-attack warning levels, fearing that the war in Ukraine and the two Scandinavian countries’ subsequent applications to join NATO put them at greater hacking risks.
Since Russia invaded Ukraine in February, cybersecurity officials in Sweden and Finland have seen no increase in attacks on critical infrastructure, though they say the countries are becoming more interesting targets for hacking groups with Russian ties.
The two Scandinavian countries applied on Wednesday after decades of neutrality to join the North Atlantic Treaty Organization. Approval can take months.
Hackers with ties to Russia could try to influence the process in several ways, said David Lindahl, a research engineer at the Swedish Defense Research Agency, which is affiliated with the Swedish Defense Ministry.
Hackers could damage Swedish websites and spread disinformation online, Lindahl said. While cyberattacks on the country have not intensified so far this year compared to previous years, NATO’s application means “we have changed the situation,” he said.
Hackers briefly removed the Finnish government’s websites last month while Ukrainian President Volodymyr Zelensky spoke before the Finnish parliament. Russia has consistently denied any involvement in cyber attacks.
Other cybersecurity concerns include the possibility of lengthy espionage campaigns after the countries join NATO and cyberattacks in retaliation for joining, said Kim Elman, director of the cybersecurity center at RISE, a Swedish government-owned research institute.
Cyber attacks are likely to increase later on, possibly as a form of retaliation against the Finnish government’s decisions and involvement as a NATO member, said Mikko Hypponen, chief research officer at WithSecure Corp.
a Finland-based cybersecurity company formerly known as F-Secure.
Hacker groups are “far too late for their attacks if they want to make any concrete difference” about public opinion about joining NATO, said Mr Hyppönen, adding: “I am concerned about cyber attacks that are being launched directly through the Russian government or through proxies from the Russian government targets Finland and Sweden.”
Sanctions that prevent Russia from acquiring high-tech equipment make cyber-attacks on Sweden and Finland more attractive, Elman said. Russia will be “more dependent on acquiring that knowledge and intellectual property in other ways,” he said. Finland and Sweden are both home to high-tech research and development and are said to be targets for espionage, he added.
The Swedish and Finnish governments raised alert levels and warned of cyber threats targeting domestic businesses and infrastructure during the war in Ukraine, and cybersecurity agencies in both countries have received more reports and requests for information from companies and individuals who had questions or wanted to share information about cybersecurity. in the past months. Officials attribute the increase to growing awareness and public concern about cyber threats.
“There is a certain tension in the air regarding the situation and there is a tendency to see things through that lens,” said Johan Turell, senior cybersecurity analyst at the Swedish Civil Contingencies Agency, which is responsible for managing emergencies. Government agencies in Swedish municipalities have been increasingly concerned about cybersecurity since the start of the war, and regularly ask about cyber protection, such as how to comply with laws requiring critical infrastructure operators to handle cyber incidents, he said.
Finland’s cybersecurity agency, the National Cyber Security Center, assesses cyberthreats outside the country more systematically than before the war, when it focused mainly on domestic threats, said Deputy Director General Sauli Pahlman. Analysts have studied recent cyberattacks in Ukraine to learn how to defend against them and have stepped up communications with critical infrastructure operators, he said.
Ukrainian authorities said in April they had prevented an attack on an energy company. Before and since the Russian invasion, hackers have used destructive wiper malware against Ukrainian targets, including a financial company and government suppliers. Websites of ministries and companies were also defaced.
Pahlman said his agency is preparing to defend itself against cyber-attacks similar to those carried out by Ukrainian companies in recent months: “Finland as a society needs to be able to use that information and prepare for something similar that might happen here.”
In March, Finland launched a months-long review involving six ministries and the Prime Minister’s Office, aimed at reviewing the country’s handling of cybersecurity issues and responding to cyber-attacks. The effort was planned before the Russian invasion, but officials involved said the war helped them focus on concrete threats.
“The situation in Ukraine has changed our mindset and perhaps intensified our discussions,” said Mikko Soikkeli, director of the IT management unit of the Ministry of Defense and one of the leaders of the cybersecurity assessment.
Petri Knape, director of the Ministry of Interior’s National Security Unit, is also involved in leading the review. “We are prepared for virtually all dangers at this stage,” he said.
write to Catherine Stupp at Catherine.Stupp@wsj.com
Copyright ©2022 Dow Jones & Company, Inc. All rights reserved. 87990cbe856818d5eddac44c7b1cdeb8