Hospitals in the US and the Netherlands were reportedly targeted by distributed denial of service (DDoS) attacks, believed to be orchestrated by Russian hacktivists. The University of Michigan Hospital and Stanford Health Care Center were among the affected facilities in the US, while a hospital in Groningen, the Netherlands, also came under attack.

The campaign is linked to President Biden’s decision to send Abrams tanks to aid Ukraine’s war effort. The group responsible for the attacks is believed to be Killnet (Anonymous Sudan), possibly in collaboration with other attackers. The website of the University Medical Center Groningen experienced a high volume of traffic, but no medical services were affected. Hospital staff are uncertain whether the attacks have genuinely ceased.

It is currently unknown whether other hospitals in the Netherlands have been affected. Still, according to Z-CERT, the country’s healthcare computer emergency response team, the recent attack on University Medical Center Groningen was carried out by the group Killnet. Killnet is known for using DDoS attacks to disrupt operations in allied countries and has previously targeted several US airports and Lithuanian government websites.

Although DDoS attacks are typically seen as a minor annoyance to large organisations and governments, the healthcare sector is more concerned about the threat of ransomware attacks carried out by Russian cybercriminals. Killnet has strongly supported Russia’s involvement in the war in Ukraine.

Their recent attacks are believed to be in response to President Biden’s decision to send Abrams tanks to Ukraine to aid the war effort. Despite this, the Netherlands has yet to agree to send tanks as it currently leases the equipment from Germany. However, the country has decided to send a Patriot missile defence system to Ukraine.

Cyber Risk Alert Raised in Denmark After Russian Attacks

Denmark in January raised its cyber security alert level from “medium” to “high” after several attacks by pro-Russian hacker groups in recent weeks, the country’s Centre for Cyber Security said. “The risk level is being raised on the back of high activity among pro-Russian cyber activists, who are carrying out many attacks against targets within a wide range of NATO countries,” the centre said.

Websites of several institutions and companies in Denmark, including the central bank, commercial banks, ministries and the military, have in the past month been increasingly targeted by so-called distributed denials of service (DDoS), which direct traffic towards targeted servers in a bid to knock them offline.

Hackers have become better at planning and executing their attacks, giving them more “striking power,” the centre said, adding it expects to see more such attacks in the future. Pro-Russian hacker groups have on Telegram claimed responsibility for some of the recent attacks on Danish institutions. Moscow has consistently denied that it carries out hacking operations.

The hackers are “driven by ideological or political motives”, which increases the likelihood of attacks in response to isolated incidents such as Quran burnings in front of Turkey’s embassies in Stockholm and Copenhagen, the centre said.

Finland Brings Cyber Capabilities to NATO

Due to the Russian invasion of Ukraine, Finland has decided to join NATO to adapt to the new security environment in Europe. This is a shift from Finland’s previous stance of military non-alignment and a working relationship with Russia.

With its 5G telecommunications and cyber security capabilities, Finland is set to become a significant provider of 5G infrastructure and innovative satellite technology to NATO. The Finnish security model involves close collaboration between the public and private sectors, with public-private partnerships that tap into each other’s strengths.

Finland is currently ranked eleventh in the Cyber Security Index, making it resilient to digital attacks. NATO will benefit from Finland’s telecommunication technology expertise and inter-member procurement opportunities.

Cyber Threats Rise in Nordics in Response to NATO Applications

The events in Ukraine have prompted Finland and Sweden to reevaluate their defence policies, given their proximity to Russia. Finland shares a long border with Russia and has been on high alert, while Swedes have been joining the military reserve force in record numbers. In an unprecedented move, both countries, which have traditionally maintained neutrality, have applied for NATO membership due to the threat of a Russian attack.

The NATO applications, submitted jointly on May 18th last year, have drawn threats of retaliation from Russia, although confirmation may take several months. While a traditional military attack is not expected, Swedish Prime Minister Magdalena Andersson has cautioned that cyber attacks could be a possible response.

Several regional experts have raised concerns about the potential cyberattacks against Finland and Sweden. According to a recent article in the Wall Street Journal, Mikko Hypponen, the chief researcher at a Finnish cybersecurity firm, expressed fears of cyberattacks from the Russian government or Russian government proxies that could be aimed at Finland and Sweden. Kim Elman, the director of a cybersecurity centre at a state-owned research institute, noted that the two countries’ high-tech status makes them attractive targets for espionage.

The Finnish Government Was Taken Down

The threat of cyberattacks on Finland and Sweden is not just theoretical, as recent events have shown. In April, Finnish government websites were taken down by hackers during a live stream of a speech by Ukraine’s President Volodymyr Zelensky. Similarly, Sweden experienced a major cyber attack in July 2021, when Coop, a large grocery chain, was forced to close almost 1000 stores due to the Kaseya hack. Furthermore, in December 2021, the IT systems of Kalix municipality were taken down by a ransom attack that affected over 100 different business systems, with Russian hackers suspected of being responsible.

According to the Wall Street Journal, the Finnish cyber security agency is closely monitoring the situation in anticipation of future attacks. Sauli Pahlman, the agency’s deputy director, stated that they are studying the situation closely. Meanwhile, municipalities in Sweden are also becoming increasingly concerned about protecting themselves and their critical infrastructure. Johan Turell, a senior cybersecurity analyst at MSB, the Swedish Civil Contingencies Agency, confirmed this growing concern.

While it is widely acknowledged that European politicians are vulnerable to cyber attacks, it’s essential to recognise that malicious actors and hostile entities threaten top-level government officials and critical infrastructure, industries, and supply chains. The interdependence of modern systems means that attacks can have significant consequences, and any weaknesses can be exploited. In other words, a system’s security is only as strong as its weakest link, and cyber attacks can lead to prolonged periods of disruption.

Renewing Cybersecurity Practices

To ensure cybersecurity, businesses and state-owned enterprises in Sweden and Finland must constantly review their security practices. This means taking a holistic approach to security that encompasses all employees, independent contractors and third-party users who access their systems.

Legacy authentication methods, such as usernames and passwords, are vulnerable to hacking and are often found widely distributed online, making them inadequate for ensuring security. To strengthen security, organisations may need to adopt more sophisticated authentication methods. In practice, this may require implementing more stringent measures to counter the increasing threat of cyberattacks.