北歐互聯(lián)網(wǎng)犯罪情況分析報(bào)告-外文版培訓(xùn)課件2024.7temu

DIGITAL

&

TRENDSCybercrimeintheNordiccountriesCHAPTER

01OverviewMostsignificantcasesofdatabreachworldwideasofJanuary2024(inmillions),bynumberofcompromiseddatarecordsandindividualsimpactedAll-timebiggestonlinedatabreaches2024Number

ofimpacted

users

and

breached

recordsCam4DataBreach(Mar2020)10.88bnrecords3bnacounts1.1bnpeople1.1bnusersYahooDataBreach(2017)*AadhaarDataBreach(Mar2018)AlibabaDataBreach(Jul2022)FirstAmericanFinancialCorporationDataBreach(May2019)Verifications.ioDataBreach(Feb2019)LinkedInDataBreach(Jun2021)885musers763musers700musersFacebookDataBreach(Apr2019)YahooDataBreach(2014)533musers500maccounts500mguests412.2maccounts360maccounts340mpeopleStarwood(Marriott)DataBreach(Nov2018)AdultFriendFinderDataBreach(Oct2016)MySpaceDataBreach(Jun2013)ExactisDataBreach(Jun2018)4Description:ThelargestreporteddataleakageasofJanuary2024wastheCam4databreachinMarch2020,whichexposedmorethan10billiondatarecords.Thesecond-largestdatabreachinhistorysofar,theYahoodatabreach,occurredin2013.Thecompanyinitiallyreportedaboutonebillionexposeddatarecords,butafteraninvestigation,thecompanyupdatedthenumber,revealingthatthreebillionaccountswereaffected.ThenextsignificantdataleakagewastheMarch2018security[...]ReadmoreNote(s):Worldwide;January2024;basedonnumberofrecordslost;*YahooDataBreachhappenedin2013butonlydisclosedin2017.Thenumberofrecordsstolenwasoriginallythoughttobemuchsmaller.Yahoorevealedtherealnumbersin[...]

ReadmoreSource(s):UpGuardGlobalnumberofcybercrimeincidentsfromNovember2022toOctober2023,byindustryandorganizationsizeCybercrimeincidentsworldwide2022-2023,byindustryandorganizationsizeTotalSmall919167Large12989Unknown28241195Total3045822028AccomodationAdministrativeAgricultureConstructionEducation7147950742491780447334813781367221782167554794622663021068429EntertainmentFinance1222162131511303122617HealthcareInformationManagementManufacturingMining23053010218122122275Description:BetweenNovember2022andOctober2023,over30thousandcybercrimeincidentsweredetectedworldwide.Ofthistotal,over900casesinvolvedsmallcompanies.Theorganizationsinthepublicadministrationsectorwerethemostaffectedamongtheindustriesresearched,withreported12,217cybercrimecases.Thefinancesectorrankedsecond,whiletheprofessionalsectorfollowed,withover2,500incidentsineachindustry.

ReadmoreNote(s):Worldwide;November1,2022toOctober31,2023Source(s):VerizonDistributionofcyberattacksinselectedglobalregionsin2023,bycategoryShareofcyberattacksinworldwideregions2023,bycategoryMultipurposemalwareInfostealersCryptominers32%MobileRansomware0.4%0.35%0.3%35%31%27%0.25%0.2%15%0.15%0.1%13%12%12%11%10%10%10%5%9%9%8%8%8%7%6%0.05%0%GlobalAmericasEMEAAPAC6Description:Asof2023,multipurposemalware,whichincludesbankingTrojansandbotnets,wasthemostfrequentlyreportedcategoryofcyberattackacrossallglobalregions.Thistypeofmalwareaccountedfor31percentofgloballyreportedattacksand35percentofattacksintheAsia-Pacific(APAC)region.Infostealersrankedsecond,recordingthehighestpercentageintheAPACregionat15percent.Amongthereportedcategories,mobileattackshadthelowestshareacrossallregionsworldwide,[...]

ReadmoreNote(s):Worldwide;2023;amongcorporatenetworks,dataisbasedonCheckPointSoftwaredetections;widerindustymetricsmayvarySource(s):CheckPointSoftwareTechnologiesShareofcompaniesintheNordicsexperiencingcyberattacksfromoutsideractorsin2022,bycountryNordiccompaniesencounteringcyberattacksfromoutsider2022,bycountry0.06%4.9%4.8%0.05%0.04%0.03%0.02%0.01%0%3.8%3.6%DenmarkFinlandSwedenNorway7Description:In2022,nearlyfivepercentofcompaniesinFinlandreportedhavingexperiencedcyberattacks,suchasransomwareandDenialofService(DoS),byanoutsideractor.Additionally,thesecyberattacksledtotheunavailabilityofinformationandcommunicationtechnologyservices.FromselectedNordiccountries,Denmarkrankedsecondinthiscategory,followedbySwedenandNorway.ReadmoreNote(s):Denmark,Finland,Norway,Sweden;2022;companieswith10ormoreemployees;enterprisesexperiencedICTsecurityrelatedincidentsleadingto:unavailabilityofICTservicesduetoattackfromoutside(e.g.Ransomwareattacks,DenialofServiceattacks)Source(s):EurostatShareofcompaniesintheNordicsexperiencingdatadestructioninvolvinghardwareorsoftwarefailuresin2022,bycountryNordiccompaniesencounteringdatacompromisewithsystemfailures2022,bycountry0.08%7.4%0.07%0.06%0.05%0.04%0.03%0.02%0.01%0%3.3%3%2.3%DenmarkFinlandSwedenNorway8Description:In2022,around7.4percentofcompaniesinFinlandreportedhavingexperiencedinformationandcommunicationtechnology(ICT)incidentsinvolvinghardwareorsoftwarefailuresleadingtodestructionorcorruptionofdata.AmongselectedNordiccountries,Swedenrankedsecond,followedbyDenmarkandNorway.ReadmoreNote(s):Denmark,Finland,Norway,Sweden;2022;companieswith10ormoreemployees;enterprisesexperiencedICTsecurityrelatedincidentsleadingto:destructionorcorruptionofdataduetohardwareorsoftwarefailuresSource(s):EurostatShareofcompaniesintheNordicsexperiencinginfectionorunauthorizedcyberintrusionin2022,bycountryNordiccompaniesencounteringunauthorizedcyberintrusion2022,bycountry0.025%2.2%2%2%0.02%0.015%0.01%0.005%0%1.5%DenmarkFinlandSwedenNorway9Description:In2022,around2.2percentofcompaniesinNorwayreportedhavingexperiencedinformationandcommunicationtechnology(ICT)incidentsinvolvinginfectionofmalicioussoftwareorunauthorizedintrusion,leadingtothedestructionorcorruptionofdata.SwedenandDenmarkrankedsecondamongselectedNordiccountries,followedbyFinland.ReadmoreNote(s):Denmark,Finland,Norway,Sweden;2022;companieswith10ormoreemployees;enterprisesexperiencedICTsecurityrelatedincidentsleadingto:destructionorcorruptionofdataduetoinfectionofmalicioussoftwareorunauthorizedintrusionSource(s):EurostatTotalnumberofcyberattacksinIcelandfrom2020to2023NumberofcyberattacksinIceland2020-2022800700700598600500400300200100026620202021202210Description:In2022,700casesofcyberattacksweredetectedinIceland.Companiesandindividualsinthecountryencounteredaround600cyberattacksintheyearprior.Incomparison,thenumberofdetectedcyberattacksinIcelandin2020was266.

ReadmoreNote(s):Iceland;2020to2022Source(s):RúVCHAPTER

02DatabreachesNumberofbreacheddatapointsinFinlandfrom1stquarter2020to1stquarter2024NumberofbreacheddatapointsinFinlandQ12020-Q12024800,000700,000600,000500,000400,000300,000200,000100,0000Q12020Q22020Q32020Q42020Q12021Q22021Q32021Q42021Q12022Q22022Q32022Q42022Q12023Q22023Q32023Q42023Q1202412Description:Inthefirstquarterof2024,morethan120,000personaldatarecordswereexposedindatabreachesinFinland.Inthepastyear,thehighestnumberofrecordsleakedindatabreacheswasregisteredinthefirstquarterof2023,nearly434,000.Inthemeasuredperiod,thelastquarterof2020sawthehighestnumberofbreachedaccounts,approximately694,000.ReadmoreNote(s):Finland;Q12020toQ12024Source(s):SurfSharkNumberofbreacheddatapointsinNorwayfrom1stquarter2020to1stquarter2024NumberofbreacheddatapointsinNorwayQ12020-Q120242,500,0002,000,0001,500,0001,000,000500,0000Q12020

Q22020

Q32020

Q42020

Q12021

Q22021

Q32021

Q42021

Q12022

Q22022

Q32022

Q42022

Q12023

Q22023

Q32023

Q42023

Q1202413Description:Inthefirstquarterof2024,over186,000personaldatapointswereexposedtodatabreachesinNorway,markingaconsiderableincreasecomparedtothequarterprior.Inthemeasuredperiod,thehighestnumberofexposeddatarecords,morethantwomillion,wasregisteredinthefourthquarterof2020.ReadmoreNote(s):Iceland;Q12020toQ12024Source(s):SurfSharkNumberofbreacheddatapointsinIcelandfrom1stquarter2020to1stquarter2024NumberofbreacheddatapointsinIcelandQ12020-Q120241,200,0001,000,000800,000600,000400,000200,0000Q12020

Q22020

Q32020

Q42020

Q12021

Q22021

Q32021

Q42021

Q12022

Q22022

Q32022

Q42022

Q12023

Q22023

Q32023

Q42023

Q1202414Description:Inthefirstquarterof2024,nearly87,000personaldatapointswereexposedtodatabreachesinIceland,markingaconsiderableincreasecomparedtothequarterprior.Inthemeasuredperiod,thehighestnumberofexposeddatarecordswasregisteredinthethirdquarterof2022,morethanonemillion.ReadmoreNote(s):Iceland;Q12020toQ12024Source(s):SurfSharkNumberofbreacheddatapointsinSwedenfrom1stquarter2020to1stquarter2024NumberofbreacheddatapointsinSwedenQ12020-Q120241,800,0001,600,0001,400,0001,200,0001,000,000800,000600,000400,000200,0000Q12020

Q22020

Q32020

Q42020

Q12021

Q22021

Q32021

Q42021

Q12022

Q22022

Q32022

Q42022

Q12023

Q22023

Q32023

Q42023

Q1202415Description:Inthefirstquarterof2024,morethanamillionpersonaldatapointswereexposedtodatabreachesinSweden,markingaconsiderableincreasecomparedtothequarterprior.Inthemeasuredperiod,thehighestnumberofexposeddatarecordswasregisteredinthefirstquarterof2021,morethan1,6million.ReadmoreNote(s):Sweden;Q12020toQ12024Source(s):SurfSharkNumberofbreacheddatapointsinDenmarkfrom1stquarter2020to1stquarter2024NumberofbreacheddatapointsinDenmarkQ12020-Q120241,400,0001,200,0001,000,000800,000600,000400,000200,0000Q12020

Q22020

Q32020

Q42020

Q12021

Q22021

Q32021

Q42021

Q12022

Q22022

Q32022

Q42022

Q12023

Q22023

Q32023

Q42023

Q1202416Description:Inthefirstquarterof2024,over313,000personaldatapointswereexposedtodatabreachesinDenmark,markingaconsiderableincreasecomparedtothequarterprior.Inthemeasuredperiod,thehighestnumberofexposeddatarecords,morethanonemillion,wasregisteredinthefourthquarterof2020.ReadmoreNote(s):Denmark;Q12020toQ12024Source(s):SurfSharkCHAPTER

03SwedenTotalnumberofITincidentsreportedbynetworkinformationservice(NIS)providersinSwedenfrom2021to2023Swedennetworkinformationservice(NIS)providersITincidents2021-2023160140120145991008060402008220212022202318Description:In2023,networkinformationservice(NIS)providersinSwedenreportedabout145casesofITincidents.Thisfigurehasgraduallyincreasedsince2021.Thatyear,NISprovidersreportedover82incidents.

ReadmoreNote(s):SwedenSource(s):Myndighetenf?rsamh?llsskyddochberedskapTotalnumberofITincidentsreportedbygovernmentagenciesinSwedenfrom2021to2023SwedengovernmentagenciesITincidents2021-202330026125023120015010050189020212022202319Description:In2023,governmentagenciesinSwedenreportedabout189casesofITsecurityincidents.Thisfigurehasgraduallydecreasedsince2021.Thatyear,governmentagenciesreportedover260incidents.

ReadmoreNote(s):SwedenSource(s):Myndighetenf?rsamh?llsskyddochberedskapDistributionofreportedcausesofITincidentsinSwedenin2023ReportedcausesofITincidentsinSweden2023Unknown21%Cyberattack30%Other5%Systemfailure25%Error19%20Description:In2023,mostITincidentsinSwedenwerecausedbycyberattacks.Accordingtoreports,30percentofsecurityincidentsoccurredduetocyberattacks.Systemerrorrankedsecond,withaquarterofallincidents,anderrorswerethethird-mostcommoncauseofITsecurityincidents.ReadmoreNote(s):Sweden;2023;basedon316reportsSource(s):Myndighetenf?rpress,radioochtvNumberofreceivedcomplaintsofdataprotectioninSwedenfrom2021to2023ReceivedcomplaintsondataprotectioninSweden2021-20233,5003,0003,1952,5002,0001,5001,0005002,3292,142020212022202321Description:In2023,theSwedishdataprotectionauthorityreceived3,195complaintsaboutdataprotection.Thisfigurehasseenanotableincreasesince2021,whenthenumberofreceivedcomplaintswas2,329.

ReadmoreNote(s):Sweden;2021to2023Source(s):IntegritetsmyndighetenNumberofresolvedcomplaintsofdataprotectioninSwedenfrom2021to2023ClosedcomplaintsondataprotectioninSweden2021-20234,0003,5003,0002,5003,3462,0001,6481,6161,5001,000500020212022202322Description:In2023,theSwedishdataprotectionauthorityclosed3,346complaintsaboutdataprotection.Thisfigurehasseenanotableincreasesince2021,whenthenumberofresolvedcomplaintswas1,616.

ReadmoreNote(s):Sweden;2021to2023Source(s):IntegritetsmyndighetenAveragetimespentonprocessingcomplaintsofdataprotectioninSwedenfrom2021to2023(indays)TimeofprocessingcomplaintsofdataprotectioninSweden2021-2023120100801017360514020020212022202323Description:In2023,theSwedishdataprotectionauthorityspentanaverageof101daysprocessingcomplaintsaboutpersonaldataprotection.Thisnumberhasincreasedfrom51since2021,andsohasthenumberofcomplaintsreceived.

ReadmoreNote(s):Sweden;2021to2023Source(s):IntegritetsmyndighetenShareofinternetuserswhoexperiencedonlinefraudinSwedenin2022,bytypeOnlinefraudamonginternetusersinSweden2022,bytype0.7%59%0.6%0.5%0.4%0.3%0.2%0.1%0%55%12%4%3%2%1%1%1%Attemptedfraud

ScamemailFakecustomersupportProductnotdeliveredUnauthorizedbankIDOtheronlinefraudUnauthorized

Codesfromthe

Name/Socialcarddetails

bank

securitynumber24Description:In2022,59percentofinternetusersinSwedenhadexperiencedanonlinefraudattempt.Anothershareof55percentreportedhavingreceivedscame-mails.Additionally,thepercentageofuserswhoencounteredfakecustomersupportduringthemeasuredperiodwas12percent.ReadmoreNote(s):Sweden;2022;3,128respondents;16yearsandolder;InternetusersSource(s):InternetstiftelsenCHAPTER

04DenmarkNumberofpersonaldatasecuritybreachesinDenmarkfrom2019to2023PersonaldatasecuritybreachesinDenmark2019-202312,00010,0008,0006,0004,0002,00009,5378,7738,8168,5547,2422019202020212022202326Description:In2023,9,537casesofpersonaldatasecuritybreacheswerereportedtothedataprotectionauthorityinDenmark.Thisfigurerepresentsan8.2percentincreasefromthepreviousyear.In2019,theauthorityreceived7,242suchcases.

ReadmoreNote(s):Denmark;2019to2023Source(s):Datatilsynet;GripTotalnumberofcomplaintsreceivedbydataprotectionauthorityinDenmarkfrom2019to2023NumberofdataprotectioncomplaintsinDenmark2019-202320,00018,06217,76818,00016,00014,00012,00010,0008,0006,0004,0002,000017,29116,89615,6812019202020212022202327Description:In2023,thetotalnumberofcomplaintsreceivedbythepersonaldataprotectionauthorityinDenmarkwasmorethan18,000.Thisfigurehasnotablyincreasedsince2019,whennearly15,700complaintswerereceived.

ReadmoreNote(s):Denmark;2019to2023Source(s):DatatilsynetDistributionofpersonaldatasecuritybreachreportsinDenmarkfromMay2023toApril2024,bytypeDistributionofdatabreachreportsinDenmark2023-2024,bytypeEavesdropping/interception3.52%incidents0.83%Errorsandmalfunctions0.93%Legal0.24%Maliciousactivities/abuse3.96%Other9.3%Unintendedevents81.22%28Description:BetweenMay2023andApril2024,morethan81percentofthereportsaboutpersonaldatasecuritybreacheswereaboutunintentionalincidents.Maliciousactivitiesandaccessabuserankedsecond,witharoundfourpercentofthereportedincidents,followedbyeavesdroppingorinterception.ReadmoreNote(s):Denmark;May2023toApril2024Source(s):DatatilsynetMonthlynumberofpersonaldatasecuritybreachreportsinDenmarkfromMay2023toApril2024MonthlynumberofdatabreachreportsinDenmark2023-20241,2001,0289671,00087785583081578677780075768165957860040020002023-052023-062023-072023-082023-092023-102023-112023-122024-012024-022024-032024-0429Description:BetweenMay2023andApril2024,thehighestmonthlynumberofreportsaboutpersonaldatasecurityreportsinDenmarkwasregisteredinJune2023.Inthatmonth,theDanishdataprotectionauthorityreceived1,028reports.Inthemostrecentlymeasuredmonth,thenumberofreportswas777.ReadmoreNote(s):Denmark;May2023toApril2024Source(s):DatatilsynetLevelofcyberthreatagainstDenmarkasofMay2023,bycategoryDenmarkcyberthreatlevel2023,bycategoryLevelofthreatVeryhighVeryhighHighThreatofcyberespionageThreatofcybercrimeThreatofcyberactivismThreatofdestructivecyberattacksThreatofcyberterrorismLowNone30Description:AsofApril2023,thethreatofcyberespionageandcybercrimeagainstDenmarkwasveryhigh.Meanwhile,thethreatofdestructivecyberattackswasratedaslow,andtherewerenochancesofcyberterrorism.

ReadmoreNote(s):Denmark;May2023Source(s):CenterforCybersikkerhedLevelofcyberthreatagainstDanishportsandlogisticscompaniesasofApril2023,bycategoryDenmarkportsandlogisticscompaniescyberthreatlevel2023,bycategoryLevelofthreatVeryhighVeryhighHighThreatofcyberespionageThreatofcybercrimeThreatofcyberactivismThreatofdestructivecyberattacksThreatofcyberterrorismLowNone31Description:AsofApril2023,thethreatofcyberespionageandcybercrimeagainstDanishportsandlogisticscompanieswasveryhigh.Meanwhile,thethreatofdestructivecyberattackswasratedaslow,andtherewerenochancesofcyberterrorism.

ReadmoreNote(s):Denmark;May2023Source(s):CenterforCybersikkerhedTypesofcyberattacksperformedoncompaniesinDenmarkfrom2017to2022TypesofcyberattacksperformedoncompaniesinDenmark2022201777%%201876%%201968%%202079%%202178%35%25%202276%34%33%PhishingEventscausedbysuppliererrorSensitivepersonaldataorothersensitiveinformationshared12%17%29%38%Accidentalsharingofsensitivepersonaldataorothersensitiveinformation%%%%25%33%Malware43%52%%48%38%%27%30%28%17%28%42%28%34%32%28%27%20%32%25%25%17%FinancialfraudSocialengineeringUnauthorisedaccessto/useofinformation,systemsornetwork15%28%DoSattack,aimedatpreciselyyourorganisationUnauthorisedphysicalaccessExtortion32%%28%%22%13%20%15%8%20%9%17%8%58%24%18%11%7%32Description:TheshareofDanishorganizationshavingexperiencedextortionhaddecreasedsignificantlyfrom58percentin2017tosevenpercentin2022.Ontheotherhand,theshareofphishingattacksremainedstable,ataround76percent,duringthemeasuredperiod.ReadmoreNote(s):Denmark;2017to2022;619respondents;businessexecutives,ITmanagersandspecialistsSource(s):PwCCHAPTER

05FinlandNumbercybercrimecasesregisteredinFinlandfrom2018to2023RegisteredcybercrimecasesinFinland2018-20232,0001,7471,8001,6001,4001,2001,000800558600424401400287164200020182019202020212022202334Description:In2023,558casesofcybercrimewerereportedinFinland.Between2018and2023,thehighestfigurewasregisteredin2020.Thatyear,atotalof1,747casesofcybercrimewerereportedinthecountry.

ReadmoreNote(s):Finland;2018to2023Source(s):StatisticsFinlandAverageyearlynumberofransomwareattacksagainstcompaniesinFinlandfrom2020to2023Finlandnumberofransomwareattacks2020-2023454040404035302520151053002020*2021*2022*202335Description:In2023,about30ransomwareattackswerereportedinFinland.Thisrepresentsaslightdecreasefromthepreviousthreeyears,with40cyberattacksannuallyonaverage.

ReadmoreNote(s):Finland;2020to2023;12,187respondents;18-64years;*averageSource(s):TraficomProposedcybersecuritybudgetinFinlandin2023and2024Finlandproposedcybersecuritybudget2023-202438%0.35%32%0.3%0.25%0.2%0.15%0.1%0.05%0%20232024*36Description:Inthe2024budgetproposaltotheParliament,theFinnishgovernmentincreasedcybersecurityspendingbyaround30percent.Thus,theintendedcybersecuritybudgetfor2024wouldbe280millioneuros,upfromabout215millionin2023.

ReadmoreNote(s):Finland;2023and2024;*2024datawascalculatedby

onthebasisofinformationprovidedbythesource.ReadmoreSource(s):

TVDigitalWatchShareofinternetusersinFinlandwhoactivelydosomethingtoprotecttheirdataontheinternetin2023and2024Finlandinternetusersactionstowardprotectionoftheirdata2023-202440%40%0.4%0.35%0.3%0.25%0.2%0.15%0.1%0.05%0%2023202437Description:In2024,aroundfourinteninternetusersinFinlandsaidtheydidsomethingtoactivelyprotecttheirpersonaldataontheinternet.Thefigurehasstayedthesamesincethepreviousyear.ReadmoreNote(s):Finland;3rdApril,2023to19thMarch,2024;12,187respondents;18-64yearsSource(s):ConsumerInsightsShareofinternetusersinFinlandforwhomsavingsensitivedataistooinsecurein2023and2024Finlandinternetusersconsideringsensitivedataonlinetoounsafe2023-202438%0.35%32%0.3%0.25%0.2%0.15%0.1%0.05%0%2023202438Description:In2024,around38percentofinternetusersinFinlandsaidsavingsensitivedatawastooinsecureforthem.Thefigurehasincreasedfrom32percentinthepreviousyear.

ReadmoreNote(s):Finland;3rdApril,2023to19thMarch,2024;12,187respondents;18-64yearsSource(s):ConsumerInsightsShareofinternetusersinFinlandbelievetheyarewellprotectedagainstvirusesanddataabuseontheinternetin2023and2024Finlandinternetuserswellprotectedagainstonlinevirusesanddataabuse2023-202445%44%0.45%0.4%0.35%0.3%0.25%0.2%0.15%0.1%0.05%0%2023202439Description:In2024,around45percentofinternetusersinFinlandsaidtheybelievedtheywerewellprotectedagainstonlinevirusesandabuseoftheirpersonaldata.Thesameshareofinternetusersthoughtthesameinthepreviousyear.

ReadmoreNote(s):Finland;3rdApril,2023to19thMarch,2024;12,187respondents;18-64yearsSource(s):ConsumerInsightsShareofinternetusersinFinlandconcernedabouttheirpersonaldatabeingmisusedontheinternetin2023and2024Finlandinternetusersworriedaboutmisuseoftheirpersonaldata2023-20240.5%44%0.45%42%0.4%0.35%0.3%0.25%0.2%0.15%0.1%0.05%0%2023202440Description:In2024,around44percentofinternetusersinFinlandexpressedconcernsaboutthemisuseoftheirpersonaldataontheinternet.Thefigurehasseenanuptickoftwopercentsincethepreviousyear.

ReadmoreNote(s):Finland;3rdApril,2023to19thMarch,2024;12,187respondents;18-64yearsSource(s):ConsumerInsightsCHAPTER

06CyberattackswithpoliticalintentCyberincidentswithapoliticaldimensioninitiatedagainstFinlandfromJanuary2020toJune2024PoliticalcyberattackslaunchedagainstFinland2020-2024Incident

detailsIncident

typeDDoSAttackonFinnishgovernmentduringspeechofZelenskyyonApril8,2022DisruptionPro-RussianNoName057(16)hacktivistgrouptargetedtheFinnishparliamentandSannaMarin'swebsitesinthewakeofFinland`sNATOaccessionatthebeginningofApril2023DisruptionNorthKoreanstate-sponsoredAPTgroup'DiamondSleet'HijackingwithoutMisuseDisruptioncompromiseddefencecompaniesinseveralcountriesinJanuary2023UnknownhackersdisruptedaccesstoelectronicservicesofFinnishTransportandCommunicationsAuthorityTraficomon23September2023EuropeanShippingcompanieshitbyDDoSattacksince19October2023Disruption42Description:BetweenJanuary2020andJune2024,threatactorswithpoliticalintentlaunched10cyberattacksagainstvariousinstitutionsandcriticalinfrastructureinFinland.TheApril2024datatheftfromtheUnitedNationsDevelopmentProgrammewasthelatestregisteredcaseofacyberattackwithapoliticalintenttargetingFinland.ReadmoreNote(s):Finland;January2020toJune2024Source(s):SWPCyberincidentswithapoliticaldimensioninitiatedagainstNorwayfromJanuary2020toJune2024PoliticalcyberattackslaunchedagainstNorway2020-2024Incident

detailsIncident

typeHijackingwithMisuse;DatatheftHijackingwithoutMisuseMicrosoftExchangeHack:NorwegianParliamentinMarch2021MicrosoftExchangeHack:EuropeanBankingAuthority(EBA)andNorwegianParliamentsinceMarch2021UnknownactorsusedJavaScript-codeBrownFloodtotargetmainlyUkrainianwebsiteswithDDoSsinceMarch2022DisruptionDisruption;Datatheft&DoxingHijackingwithMisuse;DatatheftPro-RussianhacktivistgroupKillnettargetsNorwayentitieswithDDoSAttackattheendofJune2022SuspectedChinesethreatactorUNC4841exploitedzero-dayvulnerabilityinBarracudaEmailSecurityGatewaytoconductespionageagainstvictimorganisationsinatleast16countriessince10October202243Description:BetweenJanuary2020andJune2024,threatactorswithpoliticalintentlaunchedninecyberattacksagainstvariousinstitutionsandcriticalinfrastructureinNorway.TheMarch2024datatheftfromtheUnitedNationsDevelopmentProgrammewasthelatestregisteredcaseofacyberattackwithapoliticalintenttargetingNorway.ReadmoreNote(s):Norway;January2020toJune2024Source(s):SWPCyberincidentswithapoliticaldimensioninitiatedagainstIcelandfromJanuary2020toJune2024PoliticalcyberattackslaunchedagainstIceland2020-2024Incident

detailsIncident

typeIcelandicwebsiteshavebeentargetedinpoliticallymotivatedDDoSattackinApril2022DisruptionSuspectedCh