Cyber security as part of national security

Cyber security is one of the targets of national security. The aim is to protect the increasingly digital society and society’s ability to function against hostile cyber attacks and intelligence gathering on information networks. 

Cyber threats to national security are typically state-sponsored cyber threats in which information networks are used, and the threats are targeted at critical infrastructure, decision-making by the state and state management, or national defence, for example.

Information networks as a channel of state influence

Typical features of state-sponsored cyber threats are an attempt to obtain information through unlawful means about both central government decision-making and the critical vulnerabilities in view of the state’s capacity to function. The aim may also be to more extensively interfere with, weaken and paralyse decision-making and the functioning of society.

Cyber interference can be part of the range of hybrid methods used for hostile influence, which supports, for example, exerting influence through information aimed at undermining social stability or which seeks to influence the decision-making of state leaders as part of other means of pressure.  

State-sponsored cyber espionage may also target the knowledge capital of companies and research institutes, in which case the aim of illegal information gathering is to obtain information on product development to strengthen the competitiveness of one’s own industry or to acquire technologies subject to export control for military purposes. 

Identifying perpetrators of cyber attacks is challenging

Identifying the party behind cyber attacks is always a challenge. The attacker or the intruder attempts to cover their tracks, for example by routing their attack through several commercial servers, anonymising the intrusion tools they use, misleading deliberately or using intermediaries to protect the actors behind them.
 
However, an attempt can be made to identify the attacker on the basis of previous operating methods, the infrastructure and malware used in the attack as well as the intrusion targets. 

A key method in responding to cyber attacks is not only to correct identified vulnerabilities but also, increasingly, to name the attacker in public and to employ various diplomatic and economic means, including sanctions.

Inquiries: Hannu Kotipelto, tel. +358 295 488 354