Terveydenhuolto ja kyberuhkat

Kyberturvallisuusstrategian vision mukaan Suomen tulee kyetä suojaamaan elintärkeät toimintonsa kyberuhkaa vastaan kaikissa tilanteissa. Terveydenhuolto on yksi elintärkeistä toiminnoista. Terveystoimiala on kyberhyökkäysten top-5-listalla ensimmäisenä. Hyökkäysten keskeisin motivaatio on potilastietojen arvo pimeillä markkinoilla. Vuonna 2015 varastettiin yli satamiljoonaa potilastietoa, jotka sisältävät rikollisille arvokkaita tietoja, kuten luottokorttinumeroita, työnantajatietoja ja sairaushistoriatietoja. Tässä artikkelissa kuvataan terveydenhuoltoon liittyviä kyberuhkia, kyberhaavoittuvuuksia ja toteutuneita kyberhyökkäyksiä kybermaailman eri ulottuvuudet kattaen. Tarkastelussa käytet…

Protecting the besieged cyber fortress : Russia’s response to cyber threats

The Information Security Doctrine of the Russian Federation (RF) defines the threat to information security as a complex of actions and factors that represent a danger to Russia in the information space. These threats can be information-psychological (i.e., when the adversary tries to influence a person’s mind) or information-technical (i.e., when the object of influence is the information infrastructure). The information infrastructure of the RF is a combination of information systems, websites, and communication networks located in the territory of the RF, or those used as part of international treaties signed by the RF. A cyber threat is an illegal penetration or threat of penetration by…

Cyber deterrence and Russia’s active cyber defense

The Cumulative Cyber Deterrence

The cumulative cyber deterrence can be seen as a concept in which increasing the weight of different means and their use increases the deterrent effect on a common level or on selected adversaries. Cumulative cyber deterrence may include all traditional options of deterrence, and can be active or passive. Active deterrence can be characterized as targeting specific threats and actors, as a deterrent consisting of several different methods, while passive deterrence is a form of deterrence commonly targeted at all the potential adversaries. The cumulative cyber deterrence can be an independent type of deterrence or part of a state’s overall deterrence. This paper approaches the concept of cum…

Strategic cyber threat intelligence : Building the situational picture with emerging technologies

In 2019, e-criminals adopted new tactics to demand enormous ransoms from large organizations by using ransomware, a phenomenon known as “big game hunting.” Big game hunting is an excellent example of a sophisticated and coordinated modern cyber-attack that has a significant impact on the target. Cyber threat intelligence (CTI) increases the possibilities to detect and prevent cyber-attacks and gives defenders more time to act. CTI is a combination of incident response and traditional intelligence. Intelligence modifies raw data into information for decision-making and action. CTI consists of strategic, operational, or tactical intelligence on cyber threats. Security event monitoring, event-…