So what happens when you put the President of Finland, the Commander in Chief, the Chiefs of Police, government officials, and F-Secure’s top experts in one room? You get a comprehensive picture of Finnish cyber security.
Anyone entering the F-Secure headquarters on the last day of May was thoroughly checked by broad-shouldered, ear-piece-wearing men to make sure that they had an invitation.
The security measures were understandable, as President Sauli Niinistö delivered the opening words of the Information Security Finland seminar. Representatives of the Finnish military, including several commanders, General Jarmo Lindberg and Lieutenant-General Timo Kivinen, the Deputy Chief of the Finnish Security Service, Seppo Ruotsalainen, Police Commissioner Tomi Vuori, senior ministry officials, and other state officials were also present.
The number of cyber attacks doubled last year
F-Secure CEO Samu Konttinen predicted that cyber attacks will grow dramatically in number this year and become increasingly sophisticated. These attacks target consumers, businesses, and governments.
“Globally, the number of cyber attacks more than doubled in 2017 compared to the previous year. According to various sources, there were at least 150,000, and possibly up to 350,000, attacks worldwide last year. Not all attacks are reported, but according to our own statistics, cyber attacks increased by 223 percent in 2017 compared to 2016,” said Konttinen.
According to Konttinen, modern attacks are targeted and much more effective than in the past. Combating them is becoming more and more difficult, and requires a combination of artificial and human intelligence. Konttinen emphasized that Finland should invest heavily in education and research in the field of artificial intelligence to keep up with the rapidly developing changes that digitalization is bringing to the world. Managing cyber security is a prerequisite for this development.
AI vs. AI?
In the seminar’s opening words, President Sauli Niinistö raised the question of whether or not we have already reached a situation where artificial intelligence fights artificial intelligence online.
“That’s quite the conundrum. When information technology is vulnerable, it makes us vulnerable as well. Finland is a small country, but of interest to many. We are the world’s most stable and free, as well as the happiest country in the world. Common resolve is the common denominator that we need here as well. The situation requires continuous improvement of our awareness of the issue,” Niinistö said.
130 criminal organizations and superspies
F-Secure Chief Research Officer Mikko Hyppönen fondly recalled a time when malware writers were largely hobbyists or whose motivation was the desire to experiment and enhance their reputation among their peers.
“At that time, F-Secure experts analyzed malware and provided them with unique names. I miss those days. Now, more than 500,000 new instances of malware appear every day. Malware is produced by at least 130 professional criminal organizations and several state actors,” said Hyppönen. “So today, analyzing malware with human intelligence alone is absolutely impossible. For a long time now, we have used machine learning and artificial intelligence for analysis. Only the most difficult cases are analyzed by humans.”
Superpowers are spying – the geopolitical situation gives cause for concern
Both Hyppönen and Konttinen warned that changes in the geopolitical situation could increase superpowers’ interest in Finland. All superpowers are practicing clever and effective online surveillance.
“The United States has the most skills and money, as well as extensive experience in intelligence. I would put Israel in second place, followed by China and Russia”, said Hyppönen.
Targeted attacks are becoming more and more effective
F-Secure’s Head of Technical Security Consulting Tomi Tuominen told reporters that many companies hire F-Secure’s experts to simulate attacks against their IT systems to help find security weaknesses. Over 100 such evaluations have been made over the last three years.
Targeted attacks on businesses and organizations have become more and more effective. In some cases, attackers transmit stolen information via satellite in ways that make recipients impossible to locate.
Tuominen entertained the audience with the concept of ‘Schrödinger’s security.’ “If we never look at our logs, we have the theoretical chance that we have not been the victim of an attack.”
Attackers see your mobile phone as a remote-controlled microphone
The deputy manager of the Finnish Security Intelligence Service, Seppo Ruotsalainen, held a mobile phone in his hand and asked the audience “What is this?” According to Ruotsalainen, a regular phone controlled by an attacker can be a remote-controlled microphone that can listen to everything in the same space. You should never have your phone with you when discussing important matters of a confidential nature.
Photography by Ville Erkkilä, Kiehu Creative Oy
Leave a comment