Cybersecurity as part of national security

Cybersecurity is one of the areas of national security. The aim is to protect the increasingly digital society and society’s ability to function against hostile cyberattacks and intelligence gathering on information networks. 

Cyber threats to national security are typically state-sponsored cyber threats in which information networks are used, and the threats are targeted at critical infrastructure, decision-making by the state and state management, or national defence, for example.

However, cybercrime groups are also increasingly launching ransomware attacks against actors in the healthcare and energy sectors, for example. In addition, state actors use cybercrime groups as subcontractors to conceal their own participation.

Information networks as a channel of state influence

Typical features of state-sponsored cyber threats include using unlawful means to try to obtain information about central government decision-making or to expose critical vulnerabilities that could affect the capacity of the state and society to function. 

Cyber interference is part of the range of hybrid methods that are used to exert influence through information in order to undermine social stability or that seek to influence the decision-making of state leaders along with other means of pressure. 

State-sponsored cyber espionage may also target the knowledge capital of companies and research institutes, in which case the aim of illegal information gathering is to obtain information on product development to strengthen the competitiveness of one’s own industry or to acquire technologies subject to export control for military purposes. 

Both cyber interference and cyber espionage are part of our reality even in peacetime. In emergency conditions, cyberattacks can be used as means of warfare, as Russia’s invasion of Ukraine has shown in a very concrete manner.

Emerging and disruptive technologies will shape cyber threats

Emerging and disruptive technologies, such as artificial intelligence and quantum technologies, will affect national cybersecurity. Artificial intelligence can be exploited to create more advanced malware and attack techniques, or to create more convincing deepfakes for data pfishing or information influence activities. More powerful quantum computers will be able to break the current, widely used cryptographic solutions based on public key methods. 

On the other hand, artificial intelligence and machine learning models will improve cybersecurity because they can be used to identify and combat cyberattacks. In the future, quantum communications will enable highly secure data transfer based on quantum key distribution.

Identifying perpetrators of cyberattacks is challenging

Identifying the party behind cyberattacks is always a challenge. The attacker or intruder may attempt to cover their tracks by routing their attack through several commercial servers, anonymising the intrusion tools they use, deliberately misleading the target or using intermediaries such as cybercrime groups to conceal the actors behind them.
 
However, an attempt can be made to identify the attacker on the basis of previous operating methods, the infrastructure and malware used in the attack as well as the intrusion targets. 

A key method in responding to cyberattacks is not only to correct identified vulnerabilities but also, increasingly, to name the attacker in public and to employ various diplomatic and economic means, including sanctions.

The attacker or intruder may attempt to cover their tracks by routing their attack through several commercial servers, anonymising the intrusion tools they use, deliberately misleading the target or using intermediaries such as cybercrime groups to conceal the actors behind them.

Inquiries: Hannu Kotipelto, tel. +358 295 488 354