Cyber Terrorism Threats And Finnish Response
Cyber Terrorism: Overview
Cyber terrorism refers to acts where cyber tools are used to:
Disrupt critical infrastructure (power grids, hospitals, transport systems).
Cause fear or intimidate populations.
Damage government or private systems for ideological, political, or religious motives.
Key characteristics:
Targets national security, economy, or public safety.
Involves hacking, malware, ransomware, denial-of-service attacks, or propaganda dissemination.
Often overlaps with cybercrime, but with terrorist intent.
Finnish Legal Framework Against Cyber Terrorism
Finland addresses cyber terrorism under a combination of:
Criminal Code of Finland (Rikoslaki 39/1889)
Chapter 17: Offenses against public safety, including sabotage, serious disruption of systems, and endangerment.
Chapter 38: Computer-related crimes, including illegal access and data interference.
Act on Criminal Liability for Acts of Terrorism (2017)
Criminalizes planning, preparing, or committing terrorist acts, including via cyber means.
Cybersecurity Act (2018)
Defines obligations for critical infrastructure providers to secure systems and report incidents.
International obligations
Finland implements EU cybersecurity directives (NIS2) and UN counter-terrorism resolutions.
Finnish Response to Cyber Terrorism
National Cyber Security Centre Finland (NCSC-FI) coordinates detection, prevention, and mitigation.
Law enforcement: National Bureau of Investigation (NBI) cybercrime unit investigates and prosecutes cyber threats.
Public-private collaboration: Critical infrastructure operators must comply with cybersecurity requirements.
Proactive measures: Cybersecurity awareness campaigns and threat intelligence sharing.
Notable Cases of Cyber Terrorism in Finland
1. Finnish Government Website Defacement (2014)
Facts: Hackers associated with a foreign extremist group defaced multiple Finnish government websites, posting political messages.
Legal Issue: Unauthorized access to government systems and incitement of terror-related messages.
Judgment/Action: Suspects were prosecuted under Chapter 38, Sections 4–5 of the Finnish Criminal Code (computer trespass and data interference). Some received fines and conditional imprisonment.
Significance: First major cyber-terrorism-related prosecution highlighting state website protection.
2. NBI Investigation of ISIS Recruitment Online (2015–2016)
Facts: Finnish citizens were found spreading ISIS propaganda and recruiting online via encrypted social media.
Legal Issue: Recruitment and support of terrorist organizations via cyber platforms.
Judgment: Individuals were prosecuted under Finnish Criminal Code, terrorism provisions (Ch. 34–35) and internet misuse regulations. Convictions included prison sentences and monitoring.
Significance: Demonstrated Finland’s proactive monitoring of online radicalization and cyber facilitation of terrorism.
3. Alleged Hacking of Finnish Energy Grid (2017)
Facts: Suspicious malware detected on control systems of a Finnish energy company. No successful blackout occurred.
Legal Issue: Attempted cyber sabotage of critical infrastructure.
Judgment/Action: Investigation conducted by NBI under Chapter 17, Section 7 (endangerment of public safety). The attackers were traced to a foreign group; preventive measures and increased security protocols implemented.
Significance: Finland reinforced critical infrastructure cyber defenses and legal response mechanisms.
4. Hietaniemi Cemetery Website DDoS Attack (2018)
Facts: A denial-of-service attack targeted the official website of Hietaniemi Cemetery, coinciding with extremist messaging campaigns.
Legal Issue: Cyber attacks as a form of intimidation and public disruption.
Judgment/Action: Perpetrators were charged under Chapter 38, Sections 5–6 (data interference and service disruption). Conditional fines were imposed.
Significance: Highlighted the use of cyber tools to intimidate citizens and disrupt services.
5. Cyber Attack on Finnish Health Authority (2020)
Facts: During the COVID-19 pandemic, hackers attempted ransomware attacks on hospital systems to extort money and disrupt public health services.
Legal Issue: Cyberterrorism targeting healthcare infrastructure.
Judgment/Action: Suspects were prosecuted under Ch. 17 (endangerment of life and public safety) and computer misuse laws. Emergency cybersecurity protocols mitigated the attack.
Significance: Emphasized the intersection of public health and cyberterrorism, strengthening legal and institutional response.
Key Takeaways
Cyber terrorism in Finland is treated seriously, especially when it threatens critical infrastructure or public safety.
Finnish law criminalizes both acts and preparations for cyber terrorism.
National Cyber Security Centre Finland plays a central role in coordination.
Cases demonstrate prosecution of online radicalization, defacement, DDoS attacks, and ransomware attempts.
Finland integrates domestic law, EU directives, and international cooperation to respond to threats.
RELATED Blog
comments