Nordic countries discuss joint cyber defense capabilities
The Nordic governments are holding urgent cross-border talks on IT network security cooperation with the aim of developing a common strategy to strengthen their national defenses against the heightened threat of cyber attacks following the Russian invasion of Ukraine.
The need for a common approach and collective action on cybersecurity is being driven by the rapid deterioration in trade and political relations with a more openly menacing Russia.
In particular, Moscow has become more hostile to the deepening of Sweden and Finland’s defense partnership with NATO, a partnership that is likely to result in the two militarily untied Nordic states joining the alliance at some point in the future.
As Russia continues to flex its military strengths in the Far North, Moscow is also rebuilding the capabilities of its armed forces in the strategic Baltic region.
Participation in a future Nordic cooperation on cyber defense is open to the NATO-affiliated Baltic states of Estonia, Latvia and Lithuania. The main focus of the discussions between the Nordic governments was the search for common positions on the development of a common cyber security policy, which includes joint initiatives to create improved protection of critical IT networks.
The immediate result of the top-level talks between Nordic defense ministers since February 2022 was the commitment of all states to launch projects to assess the integrity and performance of their IT network defense capabilities against threats and attacks from the cybersphere. Once the IT security projects are completed by the third quarter of 2022, the Nordic governments will discuss specific issues related to intensifying cross-border cybersecurity cooperation.
Finland has taken the lead in self-assessment of IT network security. The Ministries of Defense and Interior are conducting a joint project to assess current cybersecurity capabilities and develop them through further improvements in hiring talent and deploying advanced cyber defense technologies and techniques.
The ongoing journey towards digital transformation and greater reliance on well-functioning information networks and systems are exposing the Nordic nations to new and more aggressive threats from the cybersphere, said Petri Knape, director of the national security department at the Finnish Interior Ministry.
“Cyber threats have increased and become more diverse,” says Knape. “They also blur the distinction between internal and external security on the one hand and civil and military threats on the other. Domestic and international threat environments are constantly evolving, and government agencies must keep pace.”
High IT security protection
The joint assessment of Finland by the two ministries, carried out as part of the Cybersecurity Development Program government decision launched in June 2021, will test the ability of key defense and state security agencies to provide a high level of IT security protection against cyber threats.
The assessment will also measure the ability of government defense and national security agencies tasked with countering cyber threats to respond quickly to evolving situations that, on their own, may not threaten major disruptions to public and private IT networks, but require effective measures and possible countermeasures.
The pan-Nordic cyber defense cooperation will involve the emergency preparedness authorities, state defense organizations and national cyber defense centers in each of the five countries. Governments aim to set up a jointly managed Nordic Early Warning System (EWS) capable of sharing intelligence and information on cyber threats in real time.
Moscow issued some stark warnings to Nordic governments in March as it began channeling military and humanitarian aid to support Ukraine’s defense efforts against Russia.
Aside from weapons, food and clothing, a number of Nordic countries are supporting tech-led initiatives by private companies to help Ukraine defend against IT-based threats from Russia against its core IT networks, military equipment and facilities.
Stockholm-based IT consulting firm Beetroot became the target of threats from Russia in March when the company offered its expertise to the Ukrainian army to counter signal attacks and cyberattacks on military IT networks.
Beetroot’s ecosystem includes a network of research and development (R&D) offices employing more than 600 “staff” in cities in Sweden, Bulgaria, Poland and Ukraine. Beetroot, which increased its physical presence in Ukraine in 2018, supports the country’s armed forces in a variety of ways, said Andreas Flodstrom, the company’s CEO.
“Our software developers are used to synchronizing digitally and quickly,” he says. “We have joined forces with over 200,000 IT professionals in Ukraine to support the country’s self-defense capability. We work with IT teams who continue to bombard Russia with everything from distributed denial of service [DDoS] Attacks that overload Russian state and military-affiliated websites with calls to more advanced cyberattacks on Russian IT and artificial intelligence anchors.”
Beetroot’s “IT Army”.
The security service of the Russian Federation FSB, formerly KGB, has become a prime target for Beetroot and his so-called “IT army,” Flodstrom said.
The seriousness driving Pan-Nordic talks on cybersecurity cooperation is evident in the Norwegian government’s April 1 decision to increase the country’s national digital security budget for 2022 by NOK 200 million (EUR 21 million). .
The increase in Norway’s national budget for digital security was influenced by a number of significant events, including a February 28 malware attack on the Ukrainian embassy in Oslo. The budget increase also echoes a series of alarming reports from Etterretningstjenesten, Norway’s military intelligence agency, pointing to possible cyberattacks by bad actors in Russia targeting the country’s offshore oil and gas assets.
Russia’s invasion of Ukraine has created a new, riskier security environment for the Nordic countries, making digital-based attacks on Norway more likely. Of greater concern is Russia’s use of a wide range of military and non-military tools over the past six months, Justice and Public Security Minister Emilie Enger Mehl said.
“Given the threat landscape we face, our civilian emergency preparedness against cyber attacks must be strengthened so that we can act quickly to increase our efforts to counter digital attacks,” said Mehl. “The additional funds will increase digital security to detect and prevent attacks while enhancing our cybersecurity capabilities at local, regional and national levels.”
Increased funding from Norway’s national digital security budget will result in increased resources for the National Security Agency (NSM/Nasjonal sikkerhetsmyndighet), a national service agency that responds to severe cyberattacks and operates a national intruder alert system for the country’s digital infrastructure.
The NSM will receive almost NOK 60 million (€6.3 million) to improve its ability to counter cyber attacks and to support private and public organizations, including municipalities, to install digital intruder alert systems provided by the NSM . These serve as early warning systems to detect cyber attacks and send appropriate notifications about risks and real threats to the NSM.
Municipalities across Norway will also receive an additional NOK 50 million (EUR 5.2 million) to increase their capacity to deal with malicious ICT events.
The very real and pervasive cyber threat against Norway and its Nordic neighbors is sure to intensify in 2022, said Gunnar Ugland, head of Norwegian Telecom’s Group Security Center.
“It is unlikely that we will see any improvement in 2022,” he said. “The cyber threat situation will get worse before it gets better. These events can endanger human life, especially when the attackers target energy utilities or hospitals.”