11 - 5 - 2023 - News

Industries that are critical to the security of supply prepare for hybrid threats by training – here is what you need to know

Hybrid and cyber threats have made the headlines more often since the Russian invasion of Ukraine started. For example, according to the National Cyber Security Centre of Traficom, in recent months, government and security of supply operators have faced cyber attacks more frequently. In particular, the number of cyber attacks focusing on a carefully selected target organization has grown.

Crisis and cyber exercisesSupply security

The national operators responsible for the critical infrastructure and security of supply have taken the situation seriously for a long time and are now increasing their preparedness through training. Right now, it is important to be aware of what the attempts to influence are actually about and how you can defend against them, point out the cyber security experts from the diversified technology company Insta.

The chain is no stronger than its weakest link

Insta works to ensure safety and security for the defence sector as well as operators that are in charge of critical infrastructure and the security of supply. Over the years, the company has come to learn all about cyber threats as well as hybrid threats. Insta has organized crisis management exercises for water utilities, insurance companies and various government organizations and, lately, hybrid threats have become particularly prominent.

– Hybrid influence activities involve cyber attacks, information operations, physical influence activities, and military operations, for example. Often, the ways of influencing are effective and harmful because the party behind them has extensive resources, explains Erik Salli, Security Specialist at Insta.

To name one example of hybrid influencing, Russia focused extensive cyber attacks and information operations on Ukraine prior to February 2022. Hybrid influencing is usually done indirectly via citizens and various parties, and the chain is just as strong as its weakest link. Even a large organization can become paralyzed for a minor reason.

– Often, “hybrid threats” are used as an umbrella term to cover all ways of influencing but, in reality, the idea is combining the different methods in order to influence national decision-making, Salli summarizes.

What is needed to block the threats

A simulated management exercise is the best way to prepare for real situations, identify any security bottlenecks, and minimize the damage. Insta has witnessed an increased interest in these exercises across all sectors. Although, on an international scale, the overall security and collaboration in Finland are on an exceptionally good level, it is essential to not become complacent – we need to continuously maintain our preparedness and develop it further.

– The exercise scenarios must be planned carefully, considering the organization’s current competence and resources. A simulation exercise allows for depicting the different ways of influencing simultaneously so that the exercise reflects the organization’s actual capability to encounter such a situation, says Project Manager Joel Muujärvi from Insta, who has led more than a hundred exercises.

The exercises facilitated by Insta can be arranged cost-efficiently to large numbers of people at the same time. For instance, half-day network exercises enabled more than 50 water utilities and over 300 experts to compare their operations to a real scenario and find out whether they have up-to-date cyber security tools and competence as well as to learn how they can prepare for threats.

From the perspective of hybrid influencing, we are heading toward increasingly critical times. During the next two years, several elections will take place in Finland, and the global schism between authoritarian and democratic states has increased. This is why Insta encourages not only companies but also individuals to focus on information security and prepare for incidents.

Insta’s crisis and preparedness management solutions support the competence of organization management and personnel to respond to incidents and crisis situations. Rehearsed procedures improve safety and help in quickly taking control of the disruption. This can also minimize any tangible and intangible damage caused by the crisis situations.

Related links:

www.insta.fi/asiakastarinat/vesilaitokset-varautuvat-harjoittelemalla (in Finnish) (April 20, 2023)

www.kyberturvallisuuskeskus.fi/en/news/cyber-threat-level-remains-elevated-targeted-attacks-have-become-more-frequent (April 21, 2023)

Share article

Stay on top of the industry trends and subscribe to our newsletter

The most important news, inspiring articles, and up-to-date insights from our experts across various industries and information about our upcoming events.

Accept the terms and conditions. We handle your information responsibly.
Please review our privacy policy.