Cyber Weather

Cyber Weather includes three categories for cyber security phenomena:

sunny = situation is calm

cloudy = situation is worrying

stormy = situation is serious

Cyber Weather reports include the following sections:

Cyber weather of the past month

Cyber Weather begins with key events of the past month. The report presents a concise summary of monitored phenomena, which have already been discussed in more detail in our Weekly reviews to disseminate information as quickly as possible. Alerts issued during the month and other major measures, such as matters promoted by the NCSC-FI, have been compiled in their own section. The page with an overview of cyber security gives a short overall description of the month. The monthly summary is presented in a six-cell table at the beginning of the report. It covers the following phenomena:

“Data breaches and leaks” focuses on protective measures and information about trends in data breaches and leaks observed by the NCSC-FI. Successful data breaches may cause, for example, considerable financial losses and reputational damage to the target organisation.

“Scams and phishing” covers phishing attempts to steal user credentials and passwords, invoicing fraud, corporate fraud, extortion and other similar scams. Phishing campaigns targeted at organisations and ordinary people may also involve online banking details, payment card details and other generic scams.

“Malware and vulnerabilities” discusses the main publications and observations in the field and includes recommended actions and links to further information.

“Automation and IoT” takes a look at news and current affairs in the sector in Finland and abroad. Automation systems are used to control and monitor different services or devices at an industrial or processing plant, for example.

“Network performance” presents major disturbances in the functioning of public communications services in Finland, significant disturbances in other ICT services and denial-of-service attacks in Finland and abroad.

“Spying” focuses on cyber espionage and other cyber operations by state actors or groups associated with them. The objectives of these operations may include political intelligence gathering, corporate espionage or the destruction of information systems, for example.

Trends in sectors and phenomena

This section looks at developments and trends in different phenomena. The objective is to explain developments by providing information about their background and context. In future, the section will look at cyber security trends in different sectors and present key observations from the point of view of organisations, in particular. The graphs and statistics included in the Cyber Weather are published with intervals of 3–6 months and are always presented in the Cyber Weather report of the month when their updates are released. After that, they are no longer included in following weather reports.

Long-term outlook and the near future

The section presents cyber security phenomena in the long term (5+ years) and in the near future (6 months to 2 years). We monitor long-term cyber phenomena whose developments are widely connected to our society and may have long-term effects on several sectors and the daily lives of people. Occasionally, changes in society may also affect cyber security and we need to examine the phenomena and their effects from the opposite direction. TOP 5 cyber threats, on the other hand, highlight threats in the near future from the viewpoint of organisations, in particular.

The long-term cyber phenomena and TOP 5 threats are based on the regular analyses of our teams of experts. The phenomena may cover a wide range of matters from international politics to technical issues. The cyber world is full of phenomena and events that affect the daily operations of various organisations.

Our presentations of TOP 5 threats and long-term cyber phenomena have limited space and cannot cover all possible cases. The threats included in our Cyber Weather reports are those that our experts have prioritised as the most significant ones. However, the lists are by no means intended to represent the only threats that organisations should consider in their operations – others must be kept in mind too. The TOP 5 threats are reviewed four times a year. The long-term phenomena are updated once a year, and one phenomenon is examined in more detail each month.

In the section on developments, regulation and standards in the information security sector, we provide information on key reforms and changes in national and EU regulation, for example. Regulatory changes, in particular, affect organisations and consumers alike.