Finnish intelligence warns of Russia’s cyberespionage activities

The Finnish Security Intelligence Service (SUPO) warns Russia will highly likely intensify its cyber activity over the winter.

The Finnish Security Intelligence Service (Suojelupoliisi or SUPO) warn of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter.

According to the SUPO, future NATO membership will make the country a privileged target for Russian intelligence and influence operations.

The intelligence agency states that cyber threats to Finland’s critical infrastructure has increased in both the physical and cyber environments as a result of the Russian invasion of Ukraine. These malicious activities could potentially paralyse infrastructure operations with unpredictable consequences.

“Future NATO membership will make Finland a more interesting target for Russian intelligence and influence operations. One target of particular interest will be the formulation of policy in a militarily allied Finland. Russia’s assessment of what kind of NATO member Finland is becoming determines the aims and methods of influence operations.” reads the unclassified National Security Overview 2022 published last week by the Finnish agency. “Finland is portrayed as a member of a hostile alliance, whose location in the near vicinity of Russia exemplifies the threat of NATO enlargement, a narrative disseminated by the Russian regime.”

According to the report, Russia’s traditional intelligence gathering activity relied on spies with diplomatic cover, but this approach has become substantially more difficult since Russia invaded Ukraine, because many Russian diplomats have been expelled from the West.

The report pointed out that despite the Russian reactions to Finland’s NATO accession process have been restrained for the time being, and Finland was not targeted by any extraordinary influencing in the course of policymaking, the government fears an escalation of the malicious activities.

The agency also warns that these operations mainly target organizations and individuals from Western countries who reside in Finland.

The Russian security and intelligence services were increasingly targeting foreigners who reside in or visit Russia as well as Russians working in the West when they return.

SUPO also warns that Russian citizens working in critical positions in Finland may also be subject to coercion from Russian authorities.

“Russian intelligence services are likely to try to adapt their operations to respond more effectively to changed circumstances. Russia will probably focus its intelligence operations increasingly on the cyber environment. It is also likely that the threat of business espionage will grow as Russia feels the need to begin substitute manufacturing of cutting-edge technology. Russia may seek to acquire NATO-related intelligence through Finland.” the public intelligence assessment stated.

In December 2020, the Parliament of Finland confirmed that threat actors had access to the email accounts of multiple members of parliament (MPs). 

The attack took place in the fall of 2020, in the same period Russia-linked hackers accessed the emails and data of a small number of Norwegian parliamentary representatives and employees.

Foreign hackers broke into the internal IT system and accessed the email accounts of some MPs.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Finland)

[adrotate banner=”5″]

[adrotate banner=”13″]