Cyber threats rise in Nordics in response to NATO applications

The tragic events in Ukraine have forced neighboring states to suddenly reevaluate their defense policies. Finland, which shares over 1000km of border with Russia, is on high-alert while in recent months ordinary Swedes have rushed to join the Hemvärnet, Sweden’s military’s reserve force, in record numbers. Most notably, the threat of Russian attack has convinced both countries – who have long been famed for their neutrality – to apply for NATO membership.

Russia has threatened retaliation in response to the Nordic nations’ NATO applications, which were jointly submitted on May 18th, though confirmation may take months. While a conventional military attack is thought to be unlikely, Swedish Prime Minister Magdalena Andersson has warned that cyber attacks could be a possible response. 

A recent Wall Street Journal article quoted several regional experts who share that fear. Mikko Hypponen, chief researcher at Finnish cybersecurity group WithSecure Corp., expressed concern about “cyberattacks directly through the Russian government or through proxies of the Russian government targeting Finland and Sweden.” Kim Elman, director of the center for cybersecurity at state-owned research institute RISE, explained that the countries’ status as high-tech hubs make them prime targets for espionage.  

In fact, the risk is already here. In April, the Finnish government’s website was taken down by hackers while streaming a speech by Ukraine’s President Volodymyr Zelensky. Sweden also has recent experience of disruptive cyber attacks. In July 2021, Coop, one of Sweden’s largest grocery chains, was forced to temporarily close almost 1000 stores due to the Kaseya hack. In December 2021, the IT systems of Kalix municipality were brought down by a ransom attack, affecting over 100 different business systems, with Russian hackers suspected to be responsible.

The key importance of cybersecurity is most visible in the ongoing conflict in Ukraine. The US military recently admitted that their hackers have “conducted a series of operations” in response to the Russian invasion. Meanwhile, Ukraine itself has faced a barrage of cyberattacks from Russia, including on its energy grid. In the first month of the war, a major government-owned energy company saw cyber attacks increase by 3519%. Yubico has been working with state officials to help secure the country’s IT and critical infrastructure with YubiKeys.

The Finnish cyber security agency is studying the situation closely in anticipation of facing similar attacks, according to the agency’s deputy director Sauli Pahlman, quoted in the Wall Street Journal. Across Sweden municipalities have also become increasingly concerned about protecting themselves and their critical infrastructure, according to a further quote by Johan Turell, a senior cybersecurity analyst at MSB, the Swedish Civil Contingencies Agency.

It is well known that politicians throughout Europe are at risk of hacking. However, the reality is that threats from bad actors and rogue stakes don’t only target top government officials. Modern cyber attacks also target critical infrastructure, essential industries and supply chains. A system is only as safe as its weakest link and the interconnectedness of modern life means that attacks can have far-ranging consequences and bring extended periods of disruption.

For this reason, businesses and state-owned enterprises in Sweden and Finland should be continually reviewing their cyber security practices, not only for privileged users but all employees and indeed any independent contractors and third parties who use their systems.

What does this mean in practice? Effective security relies on usability, but increased threats may require more stringent measures. Legacy authentication, such as usernames and passwords, are easily hacked and frequently distributed widely online, rendering them insufficient. 

Effective cyber security today requires multi-factor authentication (MFA), but even conventional MFA has flaws. SMS messages can be hacked, while push notifications are vulnerable to notification-bombing, a method exploited by prominent hacking group Lapsus$. This is why governments and cyber security agencies are increasingly recommending, or even mandating, phishing-resistant MFA solutions like security keys.

The YubiKey is the leading hardware security key and the only authentication technology proven to stop account takeovers at scale. Yubico works with governments and major businesses around the world to secure their authentication and, ultimately, make the internet safer for everyone. 

To learn more about how Yubico helps organizations in the Nordic region, read our case study with Arvika municipality in Sweden.

Talk to our teamTalk to our team

Share this article:


  • An inside look at Yubico’s transition to passwordlessBefore “passkey” became a familiar term in our industry, Yubico had long delivered hardware-backed and phishing-resistant FIDO2 based authentication. Today, the adoption of passkey usage is accelerating. However, it’s taken quite a bit longer to integrate passwordless authentication into the everyday, enterprise-grade authentication flows that are required for today’s businesses.  As long as it’s been […]Read moreOktapasswordless
  • Mission matters – my reflections on winning the EY World Entrepreneur of the Year “This is the biggest mission any of the entrepreneurs have presented in this competition.”  I heard these words a few weeks ago from one of the judges for the EY World Entrepreneur of the Year award program – whom I had the honor to meet during the final step of the world’s largest entrepreneur competition.  […]Read moreawardsFounderStina Ehrensvard
  • Yubico recognized by TrustRadius 2025 Award for top customer reviewsAs AI-driven cyber threats like credential phishing evolve and grow in complexity, phishing-resistant YubiKeys are an important component toward cyber resilience — and our mission to make the internet more secure has never been more critical. To support this, customer feedback is something we take very seriously and is an invaluable tool to ensure we’re […]Read moreawardsTrustRadius
  • CEO Corner: Maintaining stable growth while navigating global uncertaintyAs we officially close out the first quarter of 2025,  I am pleased we saw a quarter with solid growth and profitability along with ongoing demand for phishing-resistant authentication. We continue to see new types of high-profile cyber attacks appearing regularly, and a major reason for the success of phishing attacks is stolen credentials. As […]Read moreCEOCEO CornerEarningsMattias Danielsson