More attacks, more regulation, more investment needed
April 25th, 2024, Stockholm, Sweden
Sweden is at the frontline: organisations have to raise their cybersecurity game to reflect that
The Nordic region is at Europe’s front line when it comes to geopolitical tension and the prime suspect in many recent attacks is Russia, according to senior figures including Major General Gunnar Karlson, head of the Swedish Military Intelligence and Security Service (Must) and Charlotte von Essen, the head of Swedish Security Services (Säpo).
Russia uses cyber-attacks as a geopolitical retaliatory measure as well as for long-term disruption and espionage. (For example, a Swedish government website was hit by a DDoS cyberattack just as Swedish and other Nordic politicians met Ukraine's president Volodymyr Zelenskiy.)
But there are other tensions: Sweden is also the target of Islamist disinformation campaigns and is attacked by groups who wish to use digital channels to instil fear of physical attack, as well as simply threatening to digitally disable critical national infrastructure.
For these reasons, in November 2022, the government appointed Henrik Landerholm as the country’s first National Security Adviser.
The public sector is the key target for many of these attackers: one report says that since 2006, there have been at least 722 cyberattacks on government agencies, 15% of which were reportedly carried out as part of a cyber espionage campaign. Figures from MSB, the Civil Contingencies Agency, show a significant increase in the number of serious DDoS attacks: in the first half of this year, 52 serious cyberattacks were reported to MSB versus 10 during the same period in each of the last three years. The Social Insurance Agency, Försäkringskassan, has seen such attacks double over three years.
The private sector is not safe either, of course. First, many politically-motivated attacks take the form of attacks on private-sector CNI or accidentally spill over into the private sector. Second, these threat actors are joined by the many economically-motivated criminals who want to profit from digitally-enabled scams.
Ransomware is still the most prevalent form of economic attack, and the most damaging. Losses from ransomware are estimated to be running at more than SEK30 billion a year.
No organisation is safe. In November 2023, the website of the Swedish Church (Svenska kyrkan) was knocked out by a ransomware attack preventing, amongst other things, people from arranging funerals. The Church will not pay the ransom (“We will not agree to any demands,” says Pia Dahlén, head of communications) and the problem is ongoing.
In the face of the increased volume and sophistication of attacks, organisations are finding it hard to respond quickly enough. Sweden is vulnerable to cyberattacks, and more collaboration between public and private actors is needed to meet the skills gap in the public sector. Åke Holmgren, Head of the Division of Cybersecurity and Secure Communications at MSB, says Swedish authorities can't sit back and think they're good enough, because they're not. And Säpo itself has noted that Sweden falls short in protecting security-sensitive activities across key sectors.
So, what should Boards, risk officers and cybersecurity professionals be doing? Where should you be investing – cloud, network hardware protection, server-level DDoS protection, better network data analytics? What other mitigations can you put in place?
Come to the e-Crime & Cybersecurity Congress Nordics to find out:
• How your fellow cybersecurity professionals are coping with these challenges day-to-day
• Does NIS2 help and what must you do to incorporate its requirements?
• What practical steps you can take to get better supplier visibility and understanding?
• How to economically enhance the security built into Cloud infrastructure and applications with selected additional technologies.
• How new and not-so-new EU Directives are driving the Board view of cybersecurity risk and investment.