Front Page: NCSC-FI
Front Page: NCSC-FI

We help organisations detect information security incidents, and support them in resolving them successfully.

Incident response

We invite reports from private persons, businesses and organisations who suspect that they have fallen victim to an actual or attempted information security incident, such as malware infection, phishing or DoS attack.

Based on the reports, we can assist them in resolving and investigating the incidents and coordinate the required actions. We provide assistance to all Finnish actors within the limits of our available resources.

We can, for example:

  • share information
  • contact collaborators and collaborative networks
  • perform technical analysis
  • provide legal guidance.

Moreover, we maintain a 24/7 service for government organisations and critical infrastructure suppliers. To request for the number of the hotline, please contact

Network monitoring and early warning

We serve government organisations and critical infrastructure suppliers by means of the HAVARO network monitoring and early warning system.

The system detects malicious or abnormal traffic on an organisation’s network traffic. We warn our clients of any security incidents detected, send alerts of threats identified elsewhere, and prepare reports on the security status of our clients’ organisations and operating environments.


With the help of the Autoreporter system, we and telecommunications operators join forces in the fight against malware. Autoreporter receives information on malware traffic originating in Finland from nearly all over the world. We forward this information to telecommunications operators, who further the information to their end customers.

More information

For more information about Autoreporter, please contact