The National Cyber Security Centre Finland’s weekly review – 52/2023

Topics covered in this week’s review

• The Akira ransomware has ten domestic organisation victims already.
• Welcome to the Kyberala murroksessa seminar!
• Review of the weekly reviews in 2023
• The National Cyber Security Centre Finland wishes you a safe New Year 2024!

The Akira ransomware has ten domestic organisation victims already.

Akira ransomware actively targets domestic organizations. Akira has been found to exploit especially the Cisco network device vulnerability CVE-2023-20269 and weakly protected Cisco VPN solutions. Even for VPN solutions, multi-factor authentication is vital to protect yourself from cyber-attacks. Educating users is emphasized, for example, with regard to strong passwords and phishing messages. Even a strong password won't help, if the attacker gets to know it, for example, through a phishing message. We talked about this in the weekly review 49/2023 .

The National Cyber Security Centre Finland is aware of ten victims hit by the Akira ransomware in Finland in 2023. The first cases are in the summer months, so Akira has been particularly active compared to other ransomware actors based on statistics from the end of the year. Akira cases have varied depending on the organisation, from the encryption of the entire IT infrastructure to individual servers. Up-to-date backups and planned processes in the event of cyber incidents have also been emphasized in the notifications made to the National Cyber Security Centre Finland. Recovering from a cyber breach is faster and more efficient if the preparation work is done before the organisation becomes the target of ransomware. We also remind you of the importance of internal and external communication in the event of a cyber breach. Preparing for communication in case of cyber disruptions is especially recommended.

Welcome to the Kyberala murroksessa seminar!

Cyber security business environment and regulation are changing - are we ready? NIS2, CRA and RED are acronyms that flash around in discussions about the industry. What does the regulation behind the aforementioned abbreviations contain? What kind of requirements and obligations are coming up for companies? How should you prepare for the coming regulation?

Among other things, these issues will be discussed in a seminar organised by the Finnish Transport and Communications Agency Traficom, Finnish Information Security Cluster- Kyberala ry and Technology Industries of Finland.

Where? Eteläranta 10 and webcast

When? Tuesday 23 January 2024 at 12–16:30

Please note! Eteläranta 10 seats have already been filled, but online participation is open to all those who wish to participate.

Review of the weekly reviews in 2023

During this year, we have talked about many information security topics in the weekly reviews. Various scam messages and phishing have been featured repeatedly. Citizens' payment information is fished almost constantly in the name of the post office, banks, and authorities,  Criminals also follow the rhythms of society: scam messages about tax refunds are sent at the same time as tax refunds are actually distributed, and fake online stores become more common during consumer celebrations.

In the summer, we published an exceptional number of vulnerability bulletins about critical software vulnerabilities. The National Cyber Security Centre Finland also mapped vulnerable devices in Finland and notified the owners of the devices. In many cases, the waves of exploitation of vulnerable devices seen around the world showed that our recommendations to update the devices prevented up to tens of data breaches.

In October, we issued a yellow warning about a phishing campaign targeting M365 email accounts. Secure mail-themed messages were used to lure recipients into handing over their email credentials, and hacked accounts were used to forward phishing messages. The active exchange of information and informing about findings related to the campaign helped Finnish organisations protect themselves and identify accounts that had already been hijacked. Extensive cooperation and information sharing between the private and public sectors helped to defeat the phishing campaign in a couple of weeks. Even in the future, a cyber-safe Finland is best achieved through cooperation!

The National Cyber Security Centre Finland wishes you a safe New Year 2024!

As the year comes to an end, the National Cyber Security Centre Finland wishes everyone a safe, and especially cyber-safe, New Year 2024! Various cyber threats and online crime are not disappearing, but cooperation can make the coming year even safer.