Finland Is Worried About Russian Cyberwar Techniques

Finland, on the northern edge of Europe and with a population of fewer than 5.5 million, may not seem an obvious player in struggles of geopolitics. But being situated in the shadow of its giant neighbour, Russia, has meant that the country has been inevitably drawn into the world of hybrid warfare.

Helsinki was the focus of global attention as the venue of the summit between Vladimir Putin and Donald Trump, with questions inevitably raised over claims that the Russian president had placed his man in the White House through manipulation of the US election.

Away for the limelight Helsinki has become the base for a major cyber-defence programme for the west with the establishment of the Nato-backed European Centre for Excellence for Countering Hybrid Threat, which has received funding and resources from the US, Britain, France and Nordic states.

On a visit to London recently Antti Hakkanen (pictured), the Finnish justice minister, warned that the problem of cyber warfare is going to continue growing and stressed the urgent need for a new international alliance to combat it.

“New horizons have opened for those who want to misuse the freedoms provided by the new media environment. I am afraid we are only beginning to learn how to cope with these new challenges. The risk is we are constantly one step behind,” he said.

“There is a need for a broad coalition among countries which share the same values like the US, the European Union states and Britain to stand together when we have other countries like Russia, China and Iran which do not have the same values.

“We actually have a good system in Europe in the GDPR (General Data Protection Regulation) but we are not operating with the US; we need to have the US with us to make it work properly.”

Mr Hakkanen, who had met UK government ministers during his trip, continued: “We have had elections and referendums in Europe which have been targeted. Now we hear that Russia is targeting the referendum being held in Macedonia.

“I do not know enough about Brexit to say what went on there, maybe there were some issues with financing campaigns. But there are, we know, those who would like to see a country separated from the values of Europe.”

Asked about the practicalities of getting the US to join such a coalition when the current president is alleged to have benefited from election interference, Mr Hakkanen said: “In my recent visit to Washington I found that although they may not be prepared to cooperate on trade or some matters of defence, which is worrying, they are prepared to cooperate in the cyber sector. Mr Trump has routinely dismissed reports of Russian election interference as fake news.

“They know the Russians have been operating in their country, and it may not be good having the world’s best intelligence service, or second best intelligence service, if they have those kinds of attacks.”

The Finnish government has been carrying out its own studies into the systematic interference internationally in a series of votes and have taken a number of precautions to protect its electoral system.

One decision was to abandon plans for electronic voting at the polls, an option being considered by a number of countries.

It was decided in Helsinki, however, that the risks of hacking and other types of interference outweighs potential benefits, and the more cumbersome, but also safer, manual system should continue.

In the UK, the Welsh government has proposed pilot schemes exploring the use of electronic voting in local and by-elections, with calls that the programme be extended across the country. One of the main aims of the innovation is to cultivate interest in politics and encourage voting among young people.

Mr Hakkanen, however, believes that electronic voting could lead to people, including young voters, being manipulated rather than enfranchised.

“It increases the vulnerability of the system. It would make it possible to spread false rumours even when the system is not compromised and thus decrease the trust people have in the integrity of elections,” he said.

“We are facing a new phenomenon, there was a study showing that only 20 per cent of the millennials in the US think that democracy is the best system and that it will continue. I think the big problem for the next two decades would not be the economy, but protecting democracy.”

Independent

You Might Also Read:

Hackers Are Fighting A Surrogate Cold War:

NATO Can’t Agree On What A Cyber Attack Is:

 

« British Army Gets a New Robot
USA & China Named As Top Cyber-Attack Sources »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Attivo Networks

Attivo Networks

Attivo Networks is an award winning provider of deception for in-network threat detection, attack forensic analysis, and continuous threat response.

KE-CIRT/CC

KE-CIRT/CC

KE-CIRT/CC is the national Computer Incident Response Team for Kenya.

Bittium

Bittium

Bittium provides proven information security solutions for mobile devices and portable computers.

SafeCharge

SafeCharge

SafeCharge is a global provider of technology-based multi-channel payments services and risk management solutions for demanding businesses.

CERT-PH

CERT-PH

CERT-PH is the National Computer Emergency Response Team and the highest body for cybersecurity related activities in the Philippines.

CloudBolt Software

CloudBolt Software

CloudBolt provide solutions for your toughest cloud challenges. From automation, to cost and security, and hybrid IT governance — we have you covered.

NCC-CSIRT (Nigerian Communications Commission)

NCC-CSIRT (Nigerian Communications Commission)

NCC has established a CSIRT for the telecommunication industry to provide services and support for the prevention and management of potential cyber security related emergencies.

PKI Solutions

PKI Solutions

PKI Solutions offers Public Key Infrastructure (PKI) products, services, and training to help ensure the security of organizations now and in the future.

Intelligent CloudCare

Intelligent CloudCare

Intelligent CloudCare, a division of IPS, is a full IT Services provider serving the needs of SMBs in the metropolitan New York City region.

Zenzero

Zenzero

Zenzero simplifies technology adoption and supports our customers through managed and outsourced IT support.

CipherStash

CipherStash

CipherStash is a complete data governance and breach prevention platform.

Cypfer

Cypfer

CYPFER is a global market leader in ransomware post-breach remediation and cyber-attack first response.

Inholo

Inholo

Inholo offers tools to manage the risks of synthetic realities, starting with an AI-photo detection service.

Vorlon

Vorlon

Vorlon's agentless patent-pending solution facilitates risk profiling of apps, and provides AI-driven behavioral analytics with response recommendations.

RAD Security

RAD Security

RAD Security (formerly KSOC) is a cloud native security company that empowers engineering and security teams to drive innovation so they can focus on growth versus security problems.

Southern Cyber

Southern Cyber

At Southern Cyber, our mission is to deliver world-class information security solutions that align businesses with leading security frameworks and compliance standards.