Front Page: NCSC-FI
Front Page: NCSC-FI

Cyber threat level remains elevated, targeted attacks have become more frequent

Information security now!

Attackers are increasingly interested in Finnish organisations. The nature of cyber attacks has also changed with the number of targeted attacks against carefully selected target organisations increasing, in particular. Despite the increase in incident volumes, Traficom and the Finnish Security and Intelligence Service (Supo) consider it unlikely that a cyber attack would paralyse the Finnish society.

The number of information security incidents reported to the National Cyber Security Centre Finland at Traficom has increased year by year. The growth is partly due to increased interest in and awareness of cyber security but it is also attributable to targeted cyber influence operations against Finland.

Russian cyber operations against Finland have also become more frequent because Russia has been forced to turn to the cyber environment as its human intelligence operations have become more difficult. “Compared to common criminals, state actors have more experienced operators, more resources and better tools,” says Supo Director Antti Pelttari

Information sharing increasingly important

Instead of focusing merely on quantitative aspects, it is important to examine how cyber attacks affect security of supply and the comprehensive security of society.

The National Cyber Security Centre Finland at Traficom maintains national situational awareness about cyber security, covering the whole Finnish society. Analyses of this information and data help examine the effects of various incidents and the long-term development of cyber security.

“Each day, Finland faces cyber threats of various levels, ranging from denial-of-service attacks to attempted data breaches and malware attacks by cyber criminals. Extensive cooperation is necessary as our threat level has now become permanently elevated. We take active protective measures in good cooperation with other authorities, businesses and, in particular, organisations vital to the security of supply to avoid cyber attacks,” says Kirsi Karlamaa, director-general at Traficom.

New attack methods

In recent months, cyber attacks have been more and more frequently targeted at central government and organisations vital to the security of supply. One of the changes compared to 2021 and 2022 is that these days ransomware attacks seem to more frequently target single pre-selected organisations. Politically or socially motivated hacktivism has also increased during the past year.

Despite recent developments, preparedness and the related extensive long-term cooperation among authorities and organisations vital to the security of supply help Finland stay one step ahead when it comes to cyber protection. Ensuring protection against cyber threats requires constant efforts, and the work is never done.

“Information security measures need to be taken today, not when something bad has already happened. Good cooperation among various operators is key to success in this work,” says Pelttari from Supo.


Traficom communications team:, tel. +358 29 534 5648.

Supo communications team:, tel. +358 50 402 6981