Finland Participates in NATO Cyber Coalition 2019 Exercise


In an article published by the Finnish Ministry of Defence on December 5, 2019, the engagement of Finland in the NATO Cyber Coalition 2019 Exercise was highlighted.

Finland participated as a partner country in NATO’s Cyber Coalition 2019 exercise. Held in Tartu on 2 to 6 December, the exercise is an annual event that was organised for the ninth time.

In addition to NATO and the EU, 27 NATO member countries took part as well as a number of partner countries.

The purpose of the cyber defence exercise was to strengthen international and national cooperation and interoperability to respond to various cyber incidents.

Finland was represented by the Ministry of Defence and the Defence Forces that were supported by cooperating authorities.

In a recent article by Jean-Louis Gergorin and Léo Isaac-Dognin the central importance of the cyber dimension of defense and security was highlighted for both NATO and European defense.

Cyberspace encompasses all the global hardware and software means of storing, processing and transporting bits and bytes, but also, and most critically, all the information-content of that data.

Cyberwarfare is the offensive use of these multiple components with the purpose of exerting influence or control over an adversary.

Practically speaking, it can take the form of hacks that seek to compromise the confidentiality or integrity of digital systems for the purpose of espionage or sabotage, but also of assaults on the integrity of the information sphere, such as the mass dissemination of fake, biased or incomplete information through digital media.

To cite only a few examples, the disruption and partial destruction of Iranian centrifuges by the Stuxnet malware in 2010, the North Korean-led hack of Sony Pictures in 2014, the mailbox hacks of Hillary Clinton’s presidential campaign and the targeted social media propaganda operation orchestrated over the course of 2016 by a constellation of Russian-affiliated actors (most prominently, Russian military intelligence and the Saint Petersburg based Internet Research Agency), and, last but not least, the WannaCry and NotPetya attacks of 2017 have all made for headline-grabbing news.

Far from being isolated events, such operations are increasingly part of integrated strategies that seek to undermine an opponent by acting under the threshold of open warfare.

At this early stage of cyber competition, there are clear winners and losers. China and Russia were quick to recognise and experiment with the asymmetric opportunities of cyberspace.

China first specialised in the cyber theft of western intellectual property assets. Today, its leaders see digital technology as a major way towards global economic leadership.

Russia, for its part, has made cyber operations a key component of what it considers its legitimate response to western attacks on its sovereignty and sphere of influence. Following a string of events that range from endorsements of the “colour revolutions” by American officials and US-based NGOs to the enactment of economic sanctions against Russia, Moscow saw in cyber-attacks an opportunity to hit western countries at their weakest point while remaining below the threshold of open warfare.

Smaller actors, namely Iran and North Korea, have also recognised the extent to which cyber operations can transform an unfavourable balance of power.

Iran’s response to the Stuxnet attack is most telling: within the space of two years after discovering the US-Israeli malware, Iran was able to mount a series of incursions on US financial institutions that completely inhibited President Obama from further cyber offensive actions.

After two decades of overconfidence in their cyber intelligence collection, US officials were alarmed to discover foreign actors’ proficiency in hacking into their critical infrastructure, and completely caught by surprise by the information attacks that took place during the 2016 presidential campaign.

That said, the United States has come a long way since 2017, bolstering its defensive and offensive doctrine and capacities in cyberspace, to the point of pre-emptively knocking IRA servers offline in the run up to the 2018 midterm elections, and ensuring an increasingly active ‘forward’ presence on foreign networks to defend its own critical infrastructure.

Similarly it has been revealed by Reuters on October 16th that at the end of September a US cyberattack targeted the Iranian digital propaganda apparatus.

Our Old Continent, however, remains a step behind on both fronts. Europe has struggled to weigh in coherently against “digital powers”, whether they be states or private enterprises,and several EU Member States have already faced serious challenges to their electoral processes and wider security in cyberspace.

And according to a Financial Times article by Jim Brunsden, the Finns have been key players in one might call the coalition of the willing to drive forward on more cyber defense capabilities within the European Union.

The EU will conduct war-games to prepare for any cyber attacks in a sign of the bloc’s determination to increase co-operation against Russian and Chinese meddling.

Pekka Haavisto, Finland’s foreign minister, told reporters on Thursday that several practical exercises would be organised by Helsinki after it assumes the EU’s rotating presidency on July 1, including programmes involving the bloc’s finance and home affairs ministers. 

While EU defence ministers have already participated in such simulations, Helsinki believes that the range of “hybrid threats” that the bloc now faces — covering everything from fake news to cyber theft and attacks against critical IT systems — requires exercises with wider participation.  “We want the union and member states to strengthen their capacities to prevent and respond,” Mr Haavisto said.

“Military and civilian authorities can only do in times of crisis what they have been trained for.”

The featured photo: The Finnish initiative will bolster an existing EU push to tackle cyber security failings after high-profile attacks exposed weaknesses in the bloc’s electronic defences and networks for sharing warnings of breaches © Tanaonte/Dreamstime