Cyber threats rise in Nordics in response to NATO applications

The tragic events in Ukraine have forced neighboring states to suddenly reevaluate their defense policies. Finland, which shares over 1000km of border with Russia, is on high-alert while in recent months ordinary Swedes have rushed to join the Hemvärnet, Sweden’s military’s reserve force, in record numbers. Most notably, the threat of Russian attack has convinced both countries – who have long been famed for their neutrality – to apply for NATO membership.

Russia has threatened retaliation in response to the Nordic nations’ NATO applications, which were jointly submitted on May 18th, though confirmation may take months. While a conventional military attack is thought to be unlikely, Swedish Prime Minister Magdalena Andersson has warned that cyber attacks could be a possible response. 

A recent Wall Street Journal article quoted several regional experts who share that fear. Mikko Hypponen, chief researcher at Finnish cybersecurity group WithSecure Corp., expressed concern about “cyberattacks directly through the Russian government or through proxies of the Russian government targeting Finland and Sweden.” Kim Elman, director of the center for cybersecurity at state-owned research institute RISE, explained that the countries’ status as high-tech hubs make them prime targets for espionage.  

In fact, the risk is already here. In April, the Finnish government’s website was taken down by hackers while streaming a speech by Ukraine’s President Volodymyr Zelensky. Sweden also has recent experience of disruptive cyber attacks. In July 2021, Coop, one of Sweden’s largest grocery chains, was forced to temporarily close almost 1000 stores due to the Kaseya hack. In December 2021, the IT systems of Kalix municipality were brought down by a ransom attack, affecting over 100 different business systems, with Russian hackers suspected to be responsible.

The key importance of cybersecurity is most visible in the ongoing conflict in Ukraine. The US military recently admitted that their hackers have “conducted a series of operations” in response to the Russian invasion. Meanwhile, Ukraine itself has faced a barrage of cyberattacks from Russia, including on its energy grid. In the first month of the war, a major government-owned energy company saw cyber attacks increase by 3519%. Yubico has been working with state officials to help secure the country’s IT and critical infrastructure with YubiKeys.

The Finnish cyber security agency is studying the situation closely in anticipation of facing similar attacks, according to the agency’s deputy director Sauli Pahlman, quoted in the Wall Street Journal. Across Sweden municipalities have also become increasingly concerned about protecting themselves and their critical infrastructure, according to a further quote by Johan Turell, a senior cybersecurity analyst at MSB, the Swedish Civil Contingencies Agency.

It is well known that politicians throughout Europe are at risk of hacking. However, the reality is that threats from bad actors and rogue stakes don’t only target top government officials. Modern cyber attacks also target critical infrastructure, essential industries and supply chains. A system is only as safe as its weakest link and the interconnectedness of modern life means that attacks can have far-ranging consequences and bring extended periods of disruption.

For this reason, businesses and state-owned enterprises in Sweden and Finland should be continually reviewing their cyber security practices, not only for privileged users but all employees and indeed any independent contractors and third parties who use their systems.

What does this mean in practice? Effective security relies on usability, but increased threats may require more stringent measures. Legacy authentication, such as usernames and passwords, are easily hacked and frequently distributed widely online, rendering them insufficient. 

Effective cyber security today requires multi-factor authentication (MFA), but even conventional MFA has flaws. SMS messages can be hacked, while push notifications are vulnerable to notification-bombing, a method exploited by prominent hacking group Lapsus$. This is why governments and cyber security agencies are increasingly recommending, or even mandating, phishing-resistant MFA solutions like security keys.

The YubiKey is the leading hardware security key and the only authentication technology proven to stop account takeovers at scale. Yubico works with governments and major businesses around the world to secure their authentication and, ultimately, make the internet safer for everyone. 

To learn more about how Yubico helps organizations in the Nordic region, read our case study with Arvika municipality in Sweden.

Share this article: