Nordic governments are holding urgent cross-border talks on IT network security collaboration with the aim of developing a common strategy to strengthen their national defenses against the increased threat of cyber attacks following the Russian invasion of Ukraine.
The need for a joint approach and collective action on cybersecurity is driven by rapidly deteriorating trade and political relations with a more openly threatening Russia.
In particular, Moscow has become more hostile to the deepening of Sweden and Finland’s defense partnership with NATO, a partnership that is likely to see the two militarily non-aligned Nordic states join the alliance at some point in the future.
Just as Russia continues to flex its military in the High North, Moscow is also rebuilding the capabilities of its armed forces in the strategic Baltic Sea region.
Participation in a future Nordic cyber defense collaboration will be open to the NATO-aligned Baltic states of Estonia, Latvia and Lithuania. The main focus of the discussions between the Nordic governments has been to find shared positions to develop a common cybersecurity policy that incorporates joint initiatives to provide an umbrella of enhanced critical IT network protection.
The immediate result of high-level talks between Nordic defense ministers since February 2022 has been a commitment by all states to launch projects to assess the fullness and performance of their IT network defense capabilities against threats and cybersphere attacks. Once the IT security projects are completed by the third quarter of 2022, the Nordic governments will discuss specific issues related to increasing cross-border cybersecurity cooperation.
Finland has taken the lead in IT network security self-assessment. Its defense and interior ministries are conducting a joint project to assess current cybersecurity capabilities and how to develop them through further improvements in talent recruitment and the deployment of advanced cyber defense technologies and techniques.
The ongoing journey to digital transformation and increased reliance on well-functioning networks and information systems exposes Nordic nations to new and more aggressive threats from the cyber sphere, said Petri Knape, director of the Ministry’s national security unit. from the interior of Finland.
“Cyber threats have increased and become more diverse,” Knape said. “They also blur the distinction between internal and external security on the one hand, and between civilian and military threats on the other. National and international threat environments are constantly evolving and government authorities must keep up.”
High level of IT security protection
Finland’s joint assessment by the two ministries, which is being carried out as part of the government’s resolution on the Cyber Security Development Program launched in June 2021, will test the ability of state security agencies and key defense to provide a high level of IT security protection against cyber threats.
The assessment will also measure the ability of state defense and homeland security agencies tasked with defending against cyber threats to rapidly respond to evolving situations that, on their own, may not threaten significant disruption to IT networks. public and private, but require effective action. and possible countermeasures.
The pan-Nordic cyber defense collaboration will involve emergency preparedness agencies, state defense organizations and national cyber defense centers in each of the five countries. The governments want to establish a jointly managed Nordic Early Warning System (EWS) that is equipped to share intelligence and information on cyber threats in real time.
Moscow issued some sharp warnings to Nordic governments in March once military and humanitarian aid began to be channeled to support Ukraine’s defensive efforts against Russia.
Aside from weapons, food and clothing, several Nordic countries are supporting technology initiatives by private companies to help Ukraine counter Russia’s cyber threats against its major computer networks, equipment and military installations.
based in Stockholm Beetroot IT consulting company became the target of Russian threats in March, when the company offered its expertise to the Ukrainian military to combat signal attacks and cyberattacks against military IT networks.
The Beetroot ecosystem comprises a network of research and development (R&D) offices employing more than 600 “operatives” in cities across Sweden, Bulgaria, Poland and Ukraine. Beetroot, which increased its physical presence in Ukraine in 2018, is supporting the country’s forces in multiple ways, he said. Andreas Flodström, CEO of the company.
“Our software developers are used to fast, digital timing,” he said. “We have partnered with more than 200,000 IT-skilled people in Ukraine to support the country’s ability to defend itself. We are working with IT teams that continue to bombard Russia with everything from Distributed Denial of Service [DDoS] attacks, which overload with calls to the sites linked to the Russian state and the military, to more advanced cyberattacks against Russian IT and artificial intelligence anchors.”
Beetroot’s ‘IT Army’
The Russian Federation’s security service, the FSB, formerly the KGB, has become a prime target for Beetroot and his so-called “IT army,” Flodström said.
The serious intent driving the pan-Nordic collaboration talks on cybersecurity is evident in the Norwegian government’s decision on April 1 to increase the country’s national digital security budget for 2022 by NOK 200 million (€21 million).
The increase in Norway’s national digital security budget was influenced by a number of major events, including a malware attack on the Ukrainian Embassy in Oslo on February 28. In addition, the budget increase reflects a series of alarming reports from Etterretningstjenesten, Norway’s military intelligence service, which flagged possible cyberattacks by bad actors in Russia against the country’s offshore oil and gas facilities.
The Russian invasion of Ukraine has created a new, heightened security situation for the Nordic states that makes digital attacks against Norway more likely. More worrying is Russia’s deployment of a wide range of military and non-military instruments in the past six months, said jMinister of Justice and Public Security Emilie Enger Mehl.
“Given the threat levels we face, our civilian emergency preparedness against cyberattacks must be strengthened so that we can act quickly and bolster our efforts to combat digital attacks,” Mehl said. “The additional funding will increase digital security to detect and prevent attacks, while improving our cybersecurity capabilities at the local, regional and national levels.”
Increased funding for Norway’s national digital security budget will result in better resources for the National Security Authority (NSM/Nasjonal sikkerhetsmyndighet), a national service agency that responds to serious cyberattacks and operates a national threat alert system. intruders to the country’s digital infrastructure.
The NSM will receive almost NOK 60 million (€6.3 million) to improve its ability to combat cyber attacks and help public and private organizations, including municipalities, to install digital intruder alert systems provided by the NSM. NSM. These will serve as early warning systems to detect cyber attacks and send notifications of real risks and threats to the NSM.
Municipalities across Norway will also receive an additional NOK 50 million (EUR 5.2 million) to increase their ability to deal with malicious ICT events.
The very real and ever-present cyber threat against Norway and its neighboring Nordic states is sure to intensify in 2022, he said. Gunnar Ugland, Director of Norwegian Telecom’s Group Security Center.
“It is unlikely that we will see an improvement in 2022,” he said. “The cyberthreat situation will get worse before it gets better. These events can put lives in danger, especially if the attackers are targeting energy supplies or hospitals.”