Russia Blamed For Swedish Air Traffic Hack

Control tower at Arlanda Airport, Stockholm, Sweden.

Sources in the Swedish government have blamed Russian intelligence for causing a major cyberattack on Sweden's air traffic control system that lasted for at least five days in November 2015, allegedly due to Russia testing out its electronic warfare capabilities.

Between 4 and 9 November 2015, hundreds of domestic and international flights were grounded at multiple airports across Sweden due to its air traffic control system going offline. The attack caused the radar systems to stop working, which made the computer screens to go blank. This meant that air traffic controllers were unable to see any aircraft on their screens at all.

At the time, the Swedish Civil Aviation Administration publicly blamed a solar storm for knocking out air traffic control systems, which also impacted radar stations in Norway and Estonia. According to a Swedish military leaks news site, however, the real story was much deeper.

Anonymous sources told Aldrimer.no that during the attack, Swedish authorities traced the source of the attack to an Advanced Persistent Threat (APT) group that has previously been linked to the Russian military intelligence agency, Spetsnaz GRU.

Although Sweden is not part of Nato, it was so concerned that it sent urgent messages warning neighbouring countries that are Natoallies about the ongoing cyberattacks.

The source says that Swedish authorities were particularly concerned that Vattenfall, the Swedish state-owned power company, would be targeted by Russian hackers. As Vattenfall is one of the largest energy providers in Europe and owns several nuclear power plants in both Sweden and Germany, the potential damage from a cyberattack could have been astronomical.

The source also says that at the same time that Sweden issued its warning to neighbouring Nato countries, at the same time Nato independently detected that Russia instigated electronic warfare activity in the Baltic Sea region that was jamming air traffic communication channels. Nato traced the signals and they led to a large radio tower in the Russian enclave of Kaliningrad, to the south of Lithuania.

In October 2015, a month before the cyberattack on Sweden's air traffic control systems, a leading electronic warfare expert reported that Russia was using electronic warfare to both jam Islamic State (Isis) communications in Syria, as well as to mask its military activities from Nato.

The Swedish Civil Aviation Administration is currently investigating the true cause of the air traffic control system outage, but currently is not ready to release results from its analysis of data during the attack. Nato and the Swedish Armed Forces have both said they cannot comment on the issue.

IBTimes: http://bit.ly/1SyHABf

« Google Faces EU Monopoly Law Over Android Dominance
CEO Fraud Skyrockets 270% »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Prolinx

Prolinx

Prolinx provide secure Data Centre hosting services and other fully managed security services for networks and information systems.

Quality Professionals (Q-Pros)

Quality Professionals (Q-Pros)

QPros are a recognized leader in providing full-cycle software quality assurance and application testing services.

Sopra Steria

Sopra Steria

Sopra Steria is a leading European information technology consultancy.

Data Recovery Services (DRS)

Data Recovery Services (DRS)

DRS provides data recovery services from media including hard disk drives, RAID, solid state disks SSD, memory sticks, USB drives, SD cards, tapes and mobile phones.

IronNet Cybersecurity

IronNet Cybersecurity

IronNet’s product and services provide enterprise-wide security management and visibility of your network, users and assets.

ThreatGen

ThreatGen

ThreatGEN™ works with your team to improve your resiliency and industrial cybersecurity capabilities through an innovative and modernized approach to training and services.

ThriveDX

ThriveDX

ThriveDX, the world’s premier EdTech provider (formerly HackerU), champions digital transformation training as a means of empowering individuals to thrive in the age of digital disruption.

Easy Dynamics

Easy Dynamics

Easy Dynamics is a leading technology services provider with a core focus in Cybersecurity, Cloud Computing, and Information Sharing.

NewAE Technology

NewAE Technology

NewAE Technology is revolutionizing the hardware security market by making every engineer and designer aware of side-channel power analysis and glitching as important attack vectors.

OptimEyes.ai

OptimEyes.ai

OptimEyes.ai is a unique AI-powered, on-demand SaaS solution for cyber-security, data privacy and compliance risk modeling.

Policy Monitor

Policy Monitor

Policy Monitor is a cyber security company founded by experts with extensive experience in operational and risk management.

TheHive Project

TheHive Project

TheHive Project is a Scalable, Open Source and Free Security Incident Response Platform for SOC, CSIRT and CERT teams.

Eqlipse Technologies

Eqlipse Technologies

Eqlipse Technologies provides products and high-end engineering solutions to customers in the Department of Defense and Intelligence Community.

Cyber and Fraud Centre – Scotland

Cyber and Fraud Centre – Scotland

The Cyber and Fraud Centre – Scotland exists to ensure Scottish organisations are as resilient as they can be against cyber and fraud crime.

Amyna Systems

Amyna Systems

Amyna has developed an IoT cybersecurity platform that prevents malignant attacks, helping users to protect themselves from cyberattacks.

Assetnote

Assetnote

The Assetnote platform enables organizations to effectively map and continuously monitor their external attack surface.