Authorities in Sweden and Finland have raised alert levels for cyberattacks, concerned they face increased hacking risks because of the war in Ukraine and the two Nordic countries’ subsequent applications to join NATO.
Since Russia invaded Ukraine in February, cybersecurity officials in Sweden and Finland haven’t seen an increase in attacks targeting critical infrastructure, though they say the countries are becoming more interesting targets for hacking groups with Russian ties.
The two Nordic countries applied to join the North Atlantic Treaty Organization on Wednesday, after decades of neutrality. Approval could take months.
Hackers with links to Russia could try to sway the process in various ways, said David Lindahl, a research engineer at the Swedish Defense Research Agency, which is connected to Sweden’s Defense Ministry.
Hackers might deface Swedish websites and spread disinformation online, Mr. Lindahl said. While cyberattacks targeting the country haven’t intensified so far this year compared to past years, the NATO application means “we have changed the situation,” he said.
Hackers briefly took down Finnish government websites last month while Ukrainian President Volodymyr Zelensky was speaking before the Finnish Parliament. Russia has consistently denied involvement in cyberattacks.
Other cybersecurity concerns involve the possibility of long-term espionage campaigns after the countries become NATO members and cyberattacks in retaliation for joining, according to Kim Elman, director of the center for cybersecurity at RISE, a Swedish government-owned research institute.
Cyberattacks are likely to increase later, potentially as a form of retaliation against the Finnish government’s decisions and involvement as a NATO member, said Mikko Hypponen, chief research officer at WithSecure Corp. , a cybersecurity company based in Finland formerly called F-Secure.
Hacker groups are “way too late for their attacks already if they want to make any concrete difference” on public opinion about joining NATO, Mr. Hyppönen said, adding, “I am worried about cyberattacks directly through the Russian government or through proxies of the Russian government targeting Finland and Sweden.”
Sanctions that prevent Russia from acquiring high-tech equipment make cyberattacks on Sweden and Finland more enticing, Mr. Elman said. Russia will “be more dependent on acquiring that knowledge and intellectual property by other means,” he said. Finland and Sweden are both home to high-tech research and development and would be targets for spying, he added.
The Swedish and Finnish governments raised alert levels and warned about cyber threats targeting domestic companies and infrastructure during the war in Ukraine, and cybersecurity agencies in both countries have received more notifications and requests for information from companies and individuals who had questions or wanted to share information about cybersecurity in the past few months. Officials attribute the increase to growing awareness and public concern about cyber threats.
“There’s a certain tension in the air related to the situation and there’s a tendency to view things through that lens,” said Johan Turell, senior cybersecurity analyst at the Swedish Civil Contingencies Agency, which is responsible for emergency management. Public authorities in Swedish municipalities have grown increasingly concerned about cybersecurity since the start of the war and regularly inquire about cyber protections, such as how to comply with laws that require critical infrastructure operators to handle cyber incidents, he said.
Finland’s cybersecurity agency, the National Cyber Security Center, is assessing cyber threats outside the country more systematically than it did before the war, when it focused primarily on domestic threats, said its deputy director general, Sauli Pahlman. Analysts have studied recent cyberattacks in Ukraine to learn how to defend against them and have stepped up communications with critical infrastructure operators, he said.
Ukrainian authorities said in April that they had prevented an attack on an energy company. Before and since Russia’s invasion, hackers have used destructive wiper malware against Ukrainian targets including a financial firm and government suppliers. Also, websites of government ministries and companies were defaced.
Mr. Pahlman said his agency has been preparing to defend against cyberattacks similar to ones that targeted Ukrainian companies in recent months: “Finland as a society needs to be able to use that information and prepare for something similar perhaps happening here.”
In March, Finland kicked off a monthslong assessment involving six government ministries and the prime minister’s office that is aimed at overhauling how the country handles cybersecurity issues and responds to cyberattacks. The effort was planned before Russia’s invasion but officials involved said the war has helped them focus on concrete threats.
“The situation in Ukraine has changed our mind-set and made our discussions perhaps more intense,” said Mikko Soikkeli, director of the Defense Ministry’s IT management unit and one of the leaders of the cybersecurity review.
Petri Knape, director of the national security unit at the Interior Ministry, is also involved in leading the review. “We’re prepared for basically all hazards at this stage,” he said.
Write to Catherine Stupp at Catherine.Stupp@wsj.com
Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8