Andrea Danti - Fotolia

Nordic states deepen cyber defence collaboration

Nordic and Baltic government leaders discuss pooling technologies and competences to counter hybrid threats within the cyber security domain

Nordic collaboration is about to undergo a serious and redefining makeover. This shift in direction is substantially due to the perceived threat posed by a military-resurgent Russia in the High North and Baltic Sea regions.

Confronted by a less predictable neighbour, Nordic governments have rediscovered the untapped practical and mutual advantages to be harnessed in key cross-border areas such as security and defence. Pooling technologies and competences to counter hybrid threats within the cyber security domain emerged as an urgent focal point for collaboration during summit meetings between Nordic and Baltic government leaders and their defence ministers in Helsinki on 7 November.

Inter-state cooperation between the Nordic countries has historically been largely aspirational rather than a deeply embedded objective to deliver significant common advantages or usable initiatives in trade, technology and security.

The overall status of the Nordic Council, the central forum for regional political partnership, lost much of its initial importance when Finland and Sweden joined the European Union (EU) in January 1995. Denmark had joined the EU’s predecessor, the European Economic Community, in 1973.

Given that Norway and Iceland have opted to remain outside the EU and inside the European Free Trade Association (EFTA), the cooperation between the Nordic nations became even more loose and fragmented, despite the annual schedule of summit-style meetings between prime ministers and senior civil servants. Similarly, the concept of universal Nordic cooperation has generally failed to take root at EU-level. Differing priorities and national self-interest have served as a counter-weight to Finland, Sweden and Denmark bloc-voting on a wide range of trade, infrastructure and social issues.   

But cyber threats and attacks do not discriminate between state borders, said Sven Sakkov, director of the Tallinn-based NATO Cooperative Cyber Defence Centre of Excellence (CCDCE). Sakkov hopes that all Nordic states – taking a lead from Finland and Norway, which decided to join the CCDCE in November – will become full members of the CCDCE.

“Cyber defence has evolved into a domain of warfare next to land, sea, air and space,” said Sakkov. “It has changed our lives and will change warfare. The CCDCE can help our Nordic partners and other nations prepare for this future.”

With primary funding sourced from Nato, Estonia has been at the forefront of cyber defence since it established the CCDCE in Tallinn in May 2008. A year earlier, Estonia came under a sustained cyber attack originating from Russia. The ultra-aggressive cyber strike targeted and shut down state and private sector IT and communications systems, including IT computer assets and infrastructure operated by the country’s leading high-street banks and the military. No cyber attack on a similar scale has been launched successfully against Estonia since 2008.   

Read more about cyber security in the Nordics

Powered by an ambitious common cause in Helsinki, Nordic governments are backing a coordinated approach to developing joint cyber security systems that will comprise, over time, both defensive and, potentially, weaponised offensive capabilities. At the front end, the cooperation will elevate information sharing and counter responses to cyber threats to civilian, commercial and critical national infrastructure. This sharing of intelligence and data will directly affect collaboration between dedicated cyber security units operated by both homeland security agencies and the armed forces in each country.

The deepening military dimension of cooperation within the cyber security domain will be routed through the Nordic Defence Cooperation (NORDEFCO) agency. NORDEFCO serves as an administrative centre and clearing house for jointly run research and projects between national armed forces. The agency’s reach was broadened in 2015 to include the Nato-aligned Baltic states Estonia, Latvia and Lithuania.

NORDEFCO’s Military Coordination Committee (MCC) now plans to fast-track and advance the development of joint cyber defence capacities and capabilities between Nordic and Baltic militaries. This work will include serial training exercises, joint cyber research and related projects managed by NORDEFCO’s Cooperation Capabilities (COPA CAPA) wing. The COPA CAPA will also examine the potential cost benefit and operational gains from closer cyber security collaboration between the Nordic and Baltic nations.

The outcome of this tier of elevated cooperation is expected to lead to the establishment of jointly funded and operated training centres, the testing of new cyber defence technologies, real-time intelligence sharing and shared access to simulator facilities. NORDEFCO has tasked the Finnish Armed Forces’ (FAF) Cyber Defence Unit (CDU) with leading the development of so-called Computer Emergency Response Teams (CERT). These are designed to operate as front-line units to monitor, identify and deal with hostile cyber attacks that target critical public and military infrastructure.

At a fundamental level, the primary objective for a unified Nordic approach to cyber defence is to develop more effective joint capabilities based on enhanced information sharing, identifying best-practice computer emergency responses and more regular cyber security-based defence exercises. 

Hybrid cyber threats

“Hybrid cyber threats have become a permanent part of the Finnish and Nordic security environment,” said Jori Arvonen, chair of the Helsinki-based European Centre of Excellence for Countering Hybrid Threats (Hybrid CoE) steering committee. “Governments have a duty to respond to this growing menace.”

Having begun operations in October 2017, the Hybrid CoE is tasked with developing advanced systems to improve civil-military capabilities, resilience and preparedness to counter hybrid threats with a special focus on Nordic and European security. Significantly, the Hybrid CoE will liaise with NORDEFCO and will collaborate with Nato and EU-operated cyber security organisations. Estonia, Latvia, Lithuania, Norway and Sweden have become participating members of the Hybrid CoE, and Denmark is expected to join in 2018.

The global nature of the cyber security threat is also driving transatlantic partnerships with Nordic countries. To this end, Finland has launched a joint cyber research project in partnership with the US. The initiative comprises a new Cyber Research Institute (CRI) in Oulu, northern Finland. The senior US partner is the Industry University Cooperative Research Center, a division of the National Science Foundation. The Finnish-US cyber security research cooperation project will be mainly funded by the state-run Finnish Funding Agency for Innovation.

The spin-off from pan-Nordic cooperation, in terms of knowledge and expertise, will also benefit Norway’s newly launched International Cyber Strategy (ICS), which aims to confront and micro-manage hybrid digital security challenges and vulnerabilities. This integrated strategy aims to harness military, civil defence and international expertise to develop systems that enhance protection of critical infrastructure from cyber threats.

Sweden, which will also benefit from pan-Nordic collaboration in the cyber domain, continues to invest heavily in cyber security. The Swedish Armed Forces’ cyber defence budget is projected to increase by €10m to about €150m in 2018. The extra capital will be distributed among core cyber defence and counter-terrorism projects and programmes run by the National Defence Radio Establishment, the armed forces’ de facto signals intelligence section. MUST (Militära underrättelse- och säkerhetstjänsten), Sweden’s chief military and foreign intelligence service, will also benefit from increased funding for its cyber threat defence programmes and projects. 

Read more on Hackers and cybercrime prevention