Oleksiy Mark - Fotolia
The European Union (EU) needs to take a stronger stance on cyber security, both to counter the growing wave of cyber crime and to confront the immediate threat of destabilising attacks from Russia, according to senior executives from WithSecure.
The enterprise security company, created from the split of F-Secure’s enterprise and consumer businesses earlier this year, is holding its inaugural Sphere conference in Helsinki, 300km away from Russian president Vladimir Putin’s home town of St Petersburg.
Speaking at the opening of the event today (1 June 2022), WithSecure’s president and CEO, Juhani Hintikka, said: “Finland doesn’t often make it into international headlines. That changed when Russia invaded Ukraine and the Europe security landscape transformed overnight.”
Russia’s assault on Ukraine has involved repeated attempts to take out the country’s critical national infrastructure but hasn’t been accompanied by a broader range of cyber attacks on other countries, as might have been expected. However, tension between Russia and Finland, and its neighbour Sweden has shot up after the two applied to join Nato.
Hintikka said this means that “Finland and Sweden are surely becoming more interesting targets for hacking groups with Russian ties”.
But it was too late for the sort of disinformation efforts that Moscow specialises in to derail the shift towards Nato, he added. “What is more worrying, though, is that later cyber attacks by the Russian government, directly or state-sponsored groups, as a retaliation against the decision to join Nato could happen. Also, cyber espionage attacks are a likely scenario.”
WithSecure’s chief research officer, Mikko Hypponen, said that although it might appear that Russia is not waging a successful cyber assault on Ukraine, this is largely because of Ukraine’s defence efforts, backed by Western partners such as Google and Microsoft.
Intelligence suggests the level of attack activity against Ukraine is actually up by a factor of three compared with a year ago, he said. And there have been some clear successes for Russia, including crippling its border control systems in the early days of the war with a wiper attack.
Finland’s long history of civil defence, contingency planning, military capabilities and understanding of Russia would make it a valuable partner for Nato, said Hintikka. This is backed by a strong tradition of public-private cooperation, including on cyber issues, he added.
But the EU also needs to play a stronger role on cyber issues, said Hypponen. “It is not only technology as such, but also technological standards become critical. If the EU doesn’t set its own standards, it will be forced to adopt standards made by others.” And suppliers need to take responsibility for the products they produce, he added, particularly when it comes to the internet of things (IoT).
Although the default setting for cyber might be the US, said Hintikka, China, with its tech sector, is also waiting in the wings. It is already represented on technology bodies in Europe, he pointed out.
“Geopolitically speaking, technology is not neutral. Europe must stand its ground,” he added.
Hypponen said that although information is collected by EU governments, and the EU has agencies like Enisa, “it is far from the level of cooperation in the US”. The consequence is that data sharing is “lagging behind”, he said.
Away from geopolitics, the current situation makes it harder to counter ransomware gangs, said WithSecure CTO Christine Bejerasco. One of the most effective ways to tackle ransomware is to cut off the people at the top, as the industry and authorities managed with an earlier wave of exploit kits, she said.
“But this needs cooperation across geopolitical boundaries. And the challenge with ransomware threat actors now is that the strongest actors are in Russia.” The current geopolitical climate makes this sort of cross-border cooperation unlikely for the foreseeable future, said Bejerasco.
But, she added, the perpetrators “kind of like to flaunt their wealth – so at some point, they’re going to travel; and when they travel, this international cooperation outside of national borders could be the thing that helps solve it”.
In the meantime, said Bejerasco, companies and organisations need to ensure they understand their own attack surfaces, have the right tooling and processes in place and understand their own assets, and therefore know what they need to protect.