0000000000448934
AUTHOR
Martti Lehto
Laskennallisten tieteiden tutkimuksen ja koulutuksen kehittäminen
Matalavalvontatutkan kehitysprojekti 1966–1985 : kansallinen menestystarina
Matalavalvontatutkaprojekti (MVT) muodosti kokonaisuuden, jossa kehitettiin kotimaisin voimin valvonta- ja korkeudenmittaustutka, maalitietojen esitys- ja taistelunjohtolaitteistoja, viestijärjestelmiä, tutka-asemien rakenteita sekä huoltojärjestelmä. nonPeerReviewed
Kyberturvallisuuden ja big data-analyysin tutkimus ja opetus
Cyber warfare : the game changer in the battlespace
A recent development in warfare has been the integration of Electronic Warfare (EW), Information Warfare (IW) and Cyber Warfare (CW) systems designed to generate non-kinetic effects in battle space together with the traditional use of kinetic weapons. These new capacities of armed forces create new possibilities to achieve the goals of war. These advanced and new capabilities form a whole new non-kinetic environment in which they have become a game changer in battle space. This article focuses on describing cyber warfare and the first experiences of the war in Ukraine. nonPeerReviewed
Countering Adversarial Inference Evasion Attacks Towards ML-Based Smart Lock in Cyber-Physical System Context
Machine Learning (ML) has been taking significant evolutionary steps and provided sophisticated means in developing novel and smart, up-to-date applications. However, the development has also brought new types of hazards into the daylight that can have even destructive consequences required to be addressed. Evasion attacks are among the most utilized attacks that can be generated in adversarial settings during the system operation. In assumption, ML environment is benign, but in reality, perpetrators may exploit vulnerabilities to conduct these gradient-free or gradient-based malicious adversarial inference attacks towards cyber-physical systems (CPS), such as smart buildings. Evasion attac…
Cyber Situational Awareness in Critical Infrastructure Organizations
The capability related to cybersecurity plays an ever-growing role on overall national security and securing the functions vital to society. The national cyber capability is mainly composed by resilience of companies running critical infrastructures and their cyber situational awareness (CSA). According to a common view, components of critical infrastructures become more complex and interdependent on each other and, as a consequence, ramifications of incidents multiply. In practice, the actions relate to developing better CSA and understanding of a critical infrastructure organization. The aim is to prepare for incidents and their management in a whole-of-society approach. The arrangement i…
Terveydenhuolto ja kyberuhkat
Kyberturvallisuusstrategian vision mukaan Suomen tulee kyetä suojaamaan elintärkeät toimintonsa kyberuhkaa vastaan kaikissa tilanteissa. Terveydenhuolto on yksi elintärkeistä toiminnoista. Terveystoimiala on kyberhyökkäysten top-5-listalla ensimmäisenä. Hyökkäysten keskeisin motivaatio on potilastietojen arvo pimeillä markkinoilla. Vuonna 2015 varastettiin yli satamiljoonaa potilastietoa, jotka sisältävät rikollisille arvokkaita tietoja, kuten luottokorttinumeroita, työnantajatietoja ja sairaushistoriatietoja. Tässä artikkelissa kuvataan terveydenhuoltoon liittyviä kyberuhkia, kyberhaavoittuvuuksia ja toteutuneita kyberhyökkäyksiä kybermaailman eri ulottuvuudet kattaen. Tarkastelussa käytet…
Maailma on muuttunut ja myös koulutuksen on muututtava
Suomen tekoälytuettu digitaalinen SOTE- ja koulujärjestelmä 2025
Koulut ovat siirtyneet etäopetukseen lähikuukausien ajaksi sekä Suomessa että ympäri maailmaa. UNESCO:n seurannan mukaan perusasteen, toisen asteen ja korkea-asteen koulutus on 23.4. päivitetyn tiedon mukaan pysäytetty joko kokonaan tai osittain 191 maassa. COVID-19 virus vaikeuttaa yli 1,6 miljardin nuoren opiskelua. Jo ennen virusepidemiaa 260 miljoonaa lasta globaalisti oli ilman koulutusta. Kriisin odotetaan syventävän globaalia oppimiskriisiä. Kiinnostus Suomen digitaalisia koulutusratkaisuja kohtaan on globaali. Meneillään olevasta etäopetusperiodista pitää kerätä hyvät ja huonot kokemukset. Niiden pohjalta Suomen tulee rakentaa kaikkia koulutusasteita koskeva kansallinen digitaalinen…
Components of defence strategies in society’s information environment: a case study based on the grounded theory
Objectives: The goal of this study is to explore the components of defence strategies faced by society in its information environment, and how these strategies are inter-related. Methods: This qualitative in-depth case study applied past research and empirical evidence to identify the components of defence strategies in a society’s information environment. The collected data were analysed using the Grounded Theory approach and a conceptual framework with the components of defence strategies and the relationships between these components being developed using the Grounded Theory. Results: This study shows that the goal of politically and militarily hostile actors is to weaken society’s infor…
The Cyberspace Threats and Cyber Security Objectives in the Cyber Security Strategies
Threats in cyberspace can be classified in many ways. This is evident when you look at cyber security on a multinational level. One of the most common models is a threefold classification based on motivational factors. Most nations use this model as a foundation when creating a strategy to handle cyber security threats as it pertains to them. This paper will use the five level model: cyber activism, cybercrime, cyber espionage, cyber terrorism and cyber warfare. The National Cyber Security Strategy defines articulates the overall aim and objectives of the nation's cyber security policy and sets out the strategic priorities that the national government will pursue to achieve these objectives…
Assessment of Cybersecurity Risks: Maritime Automated Piloting Process
A modern society is a combination of several critical infrastructures, of which international and national maritime transportation systems are essential parts. Digitalization makes it possible to increase levels of autonomy in maritime systems. It also means fully existing cyberenvironments in maritime processes. In cyberenvironments, it is crucial there is trustable information communication between system elements of the process, alongside the usability, reliability, and integrity of systems data in the operating environment. In order to develop maritime autonomy in Finland the Sea4Value / Fairway (S4VF) research program has been developed. At the first stage of the program, the main goal…
Digital Technologies for Transport and Mobility: Challenges, Trends and Perspectives
This white paper aims at presenting the ideas emerging from the different fields pertaining to transport and mobility, to describe the capacities of current state-of-the-art digital technologies and the perspectives that are expected to shape the future of transport and mobility.
Keski-Suomesta digikoulutuksen johtava maakunta : esiselvitys ja Master plan luonnos
Tavoitteena on, että koko Keski-Suomessa siirrytään vuoteen 2019 mennessä digitaaliseen koulutusjärjestelmään kaikilla koulutustasoilla: sekä yleissivistävässä ja ammatillises- sa koulutuksessa että korkeakoulutasoisessa koulutuksessa. Suomeen luodaan ensimmäisenä maailmassa keskitetyillä IT-järjestelmillä tuetettu peruskoulu ja lukio. Toiminnanohjaus ja materiaalit hoidetaan keskitetyiltä palvelimilta kullakin koulutusasteella. Digitaalisen koulujärjestelmän (Smart Education Finland) perusajatuksena on, että koko yleissivistävä koulutus voitaisiin tuottaa uuden sukupolven tietoverkoissa samanlaisena ja tasa-arvoisena kaikille. Jokainen oppilas saisi käyttöönsä henkilökohtaisen työaseman, j…
Mini-drones swarms and their potential in conflict situations
The Unmanned Aerial Vehicles (UAV) commonly known as drones are currently used in a wide range of operations such as border monitoring, aerial reconnaissance, traffic control and military interventions in armed conflicts. These aerial vehicles are expected to be reliable, automated and sometimes autonomous machines, albeit the human factor continues to play a crucial role in programming and control. At their genesis, drones were complex, large and reserved to an exclusive club of technologically advanced military powers. They tended to be used against technologically weak military targets. Developments in the price, size and sophistication of drones has now enabled almost anyone to purchase…
Adversarial Attack’s Impact on Machine Learning Model in Cyber-Physical Systems
Deficiency of correctly implemented and robust defence leaves Internet of Things devices vulnerable to cyber threats, such as adversarial attacks. A perpetrator can utilize adversarial examples when attacking Machine Learning models used in a cloud data platform service. Adversarial examples are malicious inputs to ML-models that provide erroneous model outputs while appearing to be unmodified. This kind of attack can fool the classifier and can prevent ML-models from generalizing well and from learning high-level representation; instead, the ML-model learns superficial dataset regularity. This study focuses on investigating, detecting, and preventing adversarial attacks towards a cloud dat…
Phenomena in the Cyber World
This chapter describes and evaluates the cyber world, including its phenomena, from a strategic perspective. As no universally accepted definitions for the cyber world exist, associated literature and publications address it in many different ways. A five-layer model is constructed for cyber threats, which include cybervandalism, cybercrime, cyber intelligence, cyberterrorism and cyberwarfare. This chapter depicts the standards-based risk model, cyber operations and cyberweaponry, as well as the critical structures of society as the targets. Moreover, cyber security definitions are provided. Cyber world phenomena are addressed in more detail in other chapters of this book.
Cyber Situational Awareness in Critical Infrastructure Protection
The European Union promotes collaboration between authorities and the private sector, and the providers of the most critical services to society face security related obligations. In this paper, critical infrastructure is seen as a system of systems that can be subject to cyber-attacks and other disturbances. Situational awareness (SA) enhances preparations for and decision-making during assessed and unforeseen disruptive incidents, and promoting Cyber effective situational awareness (CSA) requires information sharing between the different interest groups. This research is constructive in nature, where innovative constructions developed as solutions for domain-specific real world problem…
Kyberturvallisuuden kansallinen osaaminen
Finnish Cyber Security Strategy and Implementation
Technical and automated solutions and information networks, which make planning, guidance and implementation possible fast and in a cost-efficient way, are widely used in Finnish information society. The flipside of this development is increased dependency on extensive and complicated technical systems and information networks. Failures in these systems or, for example, in their power supply may rapidly affect comprehensive security in society. Threats against security in society have become more multifaceted and, as a consequence, more complicated. Threats can no longer be divided clearly into military and non-military threats or internal and external threats; they are often interconnected…
The importance of strategic leadership in cyber security : Case of Finland
Cyber security has become one of the biggest priorities for businesses and governments. Streamlining and strengthening strategic leadership are key aspects in making sure the cyber security vision is achieved. The strategic leadership of cyber security implies identifying and setting goals based on the protection of the digital operating environment. Furthermore, it implies coordinating actions and preparedness as well as managing extensive disruptions. The aim of this paper is to define what is strategic leadership of cyber security and how it is implemented as part of the comprehensive security model in Finland. The paper also asks (and answers) how the strategic leadership of cyber secur…
Yhteiskunnan digimurros
“The biggest part of our digital transformation is changing the way we think.” — Simeon Preston, CEO of International Markets unit in Bupa. Yhteiskunnan digimurros on laaja termi, joka kuvaa kokonaisvaltaista muutostilaa. Digimurros koskettaa lähes kaikkia elämän osa-alueita tämän päivän länsimaisessa kehittyneessä valtiossa. Digimurroksesta on puhuttu paljon muun muassa talouden ja teollisuuden konteksteissa, mutta on perusteltua sanoa, että kyseessä on yhteiskunnan kannalta paljon laajamittaisempi termi. Puhumme myös usein digitalisoituneesta yhteiskunnasta, mutta tämäkään ei itsessään ole riittävä termi ottamaan huomioon digitalisaation luomia muutoksia. Digimurros on enemmän kuin kokoel…
Assessment of Cyber Security risks : A Smart Terminal Process
In Finland, the connections to global maritime transportation logistics systems are an essential part of the national critical infrastructure. As a part of maritime logistics systems, the port's operations are important elements for global maritime traffic and the transportation supply chain. Digitalization of seaport services makes it possible to increase the efficiency of terminal systems in the logistic processes. At the same time, port logistic processes can notably reduce its CO2 emissions by optimizing port operations. The improvement of port processes relies very much on the development of Information and Communication Technology (ICT) and Industrial Control Systems (ICS) or Operatio…
Cyber security competencies : cyber security education and research in Finnish universities
The revolution in information technology that began in the 1990s has been transforming Finland into an information society. Imaginative data processing and utilization, arising from the needs of citizens and the business community, are some of the most important elements in a thriving society. Information and know-how have become key ‘commodities’ in society, and they can be utilized all the more efficiently through information technology. Individuals, public and private organizations alike depend on the cyber world. From the citizens using social media, to banks growing their business, to law enforcement supporting national security – every sector of the society is increasingly dependent u…
Informaatioteknologian tiedekunnan tutkimus- ja koulutusstrategia : White Paper
Kyberturvallisuus sosiaali- ja terveydenhuollossa
Knowledge mining of unstructured information: application to cyber domain
Funding Information: TT, KB, ML and KK acknowledge research project funding from Cyberwatch Finland. AC is the CEO of the company. PJ and AC are founders and partners in the company. KK and ML are on the advisory board of the company. Funding Information: TT, KB, ML and KK acknowledge research project funding from Cyberwatch Finland. TT acknowledges funding from the Vilho, Yrjö and Kalle Väisälä Foundation of the Finnish Academy of Science and Letters. Publisher Copyright: © 2023, The Author(s). Information on cyber-related crimes, incidents, and conflicts is abundantly available in numerous open online sources. However, processing large volumes and streams of data is a challenging task for…
Cyber security training in Finnish basic and general upper secondary education
Cyber security in Finland is part of other areas of comprehensive security, as digital solutions multiply in society and technologies advance. Cyber security is one of the primary national security and nationaldefense concerns. Cyber security has quickly evolved from a technical discipline to a strategic concept. Cyber security capacity building can be measured based on the existence and number of research and developments, education and training programs, and certified professionals and public sector agencies.Cybersecurity awareness and the related civic skills play an increasingly important role as our societies become more digitalized. Improving citizens' cyber skills through education i…
Smart Terminal System of Systems’ Cyber Threat Impact Evaluation
Systems of system-level thinking is required when the purpose is to develop a coherent understanding of the ecosystem where every user and system requirements are divided into specific parts. The smarter project, as a part of the Sea4value program of DIMECC, aims to develop harbor operations, including passenger and cargo transportation, in a way that port processes will improve, emissions will decrease, and overall security will enhance in smart ports. This paper describes cyber-attack impacts against the Smart terminal system of systems in the cyber realm by utilizing the MITRE ATTACK® framework to map the objectives of threat actors. The Smart Terminal system environment includes ICT, IC…
Strategic leadership in cyber security, case Finland
Cyber security has become one of the biggest priorities for businesses and governments. Streamlining and strengthening strategic leadership are key aspects in making sure the cyber security vision is achieved. The strategic leadership of cyber security implies identifying and setting goals based on the protection of the digital operating environment. Furthermore, it implies coordinating actions and preparedness as well as managing extensive disruptions. The aim of this article is to define what is strategic leadership of cyber security and how it is implemented as part of the comprehensive security model in Finland. In terms of effective strategic leadership of cyber security, it is vital t…
Arctic Connect Project and Cyber Security Control, ARCY
The submarine communication cables form a vast network on the seabed and transmit massive amounts of data across oceans. They provide over 95% of international telecommunications — not via satellites as is commonly assumed. The global submarine network is the “backbone” of the Internet, and enables the ubiquitous use of mail, social media, phone and banking services. To these days no any other technology than submarine cables systems has not been such a strategic impact to our society without being known it as such by the people. This also means that it is at the same time a very interesting destination for hackers, cyber attackers, terrorist and state actors. They seek to gain access to in…
Basic Elements of Cyber Security for a Smart Terminal Process
Global maritime transportation and logistics systems are essential parts of critical infrastructures in every society, and a crucial part of maritime logistics processes are seaports. Digitalization helps improve the efficiency of terminal systems in the processes of these ports. In Finland this development is going on and it is called SMARTER research program. In the best cases, digitalization can also promote the reduction of emissions by optimizing port operations and enhancing cargo and people flows while improving the experience for all stakeholders. The improvement of port processes relies on the development of Information and Communication Technology (ICT) and as well as on Industria…
Artificial intelligence in the cyber security environment
Artificial Intelligence (AI) is intelligence exhibited by machines. Any system that perceives its environment and takes actions that maximize its chance of success at some goal may be defined as AI. The family of AI research is rich and varied. For example, cognitive computing is a comprehensive set of capabilities based on technologies such as deep learning, machine learning, natural language processing, reasoning and decision technologies, speech and vision technologies, human interface technologies, semantic technology, dialog and narrative generation, among other technologies. Artificial intelligence and robotics have steadily growing roles in our lives and have the potential to transfo…
Suomen terveysdataympäristö
The Modern Strategies in the Cyber Warfare
As there is no generally accepted definition for cyber warfare, it is a term that is quite liberally used in describing events and actions in the digital cyber world. The concept of cyber warfare became extremely popular from 2008 to 2010, partly superseding the previously used concept of information warfare which was launched in the 1990s. For some, cyber warfare is war that is conducted in the virtual domain. For others, it is a counterpart to conventional “kinetic” warfare. According to the OECD’s 2001 report, cyberwar military doctrines resemble those of so-called conventional war: retaliation and deterrence. Researchers agree with the notion that the definition of cyberwar should addre…
Cyber security challenges in aviation and maritime
Mini-drones swarms and their potential in conflict situations
Drones are currently used for a wide range of operations, such as border surveillance, general surveillance, reconnaissance, transport, aerial photography, traffic control, earth observation, communications, broadcasting, and armed attacks. This paper examines the swarming and associated abilities to overwhelm a combatant as well as bring extra functionality by means of extra sensors spread throughout the swarm. The strategy of stealth is becoming increasingly less effective. Combatants can not only sense them, but can also successfully destroy them (although this cannot be said for nano-drones). For mini-drones, objectives can be enhanced by the strategy of overwhelming. peerReviewed
Value from Public Health Data with Cognitive Computing : loppuraportti
Adopting encryption to protect confidential data in public clouds: A review of solutions, implementation challenges and alternatives
A shift towards use of public cloud services is ongoing and more and more enterprises will start to use them in the near future. As public cloud services certainly promise to deliver many benefits, this new way of delivering services also introduces new types of risks. Due to the NSA’s surveillance programs, non-US enterprises need to reassess the risks of public cloud services provided by US companies and look for available solutions to protect their confidential data transferred and stored in the cloud. Encryption is seen as a solution to help enterprises full fill the requirements related to security and privacy, but is often challenging to implement. Encryption has its own security prob…
ICT-alan kehittäminen Keski-Suomessa : selvitys ICT-alan yrityksille Keski-Suomessa
IoT -based adversarial attack's effect on cloud data platform services in a smart building context
IoT sensors and sensor networks are widely employed in businesses. The common problem is a remarkable number of IoT device transactions are unencrypted. Lack of correctly implemented and robust defense leaves the organization's IoT devices vulnerable to numerous cyber threats, such as adversarial and man-in-the-middle attacks or malware infections. A perpetrator can utilize adversarial examples when attacking machine learning (ML) models, such as convolutional neural networks (CNN) or deep neural networks (DNN) used, e.g., in DaaS cloud data platform service of smart buildings. DaaS cloud data platform's function in this study is to connect data from multiple IoT sensors, databases, private…
Suomen kansalliset SOTE-tiedonlähteet ja tietojen hyödyntäminen
From influencee to influencer : the rhizomatic target audience of the cyber domain
The messages of an influence operation are interpreted in a variety of ways by their receivers. To increase the probability of success, these messages are typically tailored to affect a defined group, a target audience. Target audience analysis (TAA) is a process of finding suitable target audiences for influence operations. There are multiple ways of completing the task, ranging from fast and intuitive to complex multi-staged processes. These processes use the information available at the moment of making presumptions about the effectiveness of competing approaches in order to choose those with best end results. The internet presents a challenge to this type of sequential, linear process b…
Jyväskylän yliopisto - ICT-alan innovatiivinen kehittäjä
Suomen terveysdata ja sen hyödyntäminen
Artificial Intelligence in Protecting Smart Building’s Cloud Service Infrastructure from Cyberattacks
Gathering and utilizing stored data is gaining popularity and has become a crucial component of smart building infrastructure. The data collected can be stored, for example, into private, public, or hybrid cloud service infrastructure or distributed service by utilizing data platforms. The stored data can be used when implementing services, such as building automation (BAS). Cloud services, IoT sensors, and data platforms can face several kinds of cybersecurity attack vectors such as adversarial, AI-based, DoS/DDoS, insider attacks. If a perpetrator can penetrate the defenses of a data platform, she can cause significant harm to the system. For example, the perpetrator can disrupt a buildin…
Where Cyber Meets the Electromagnetic Spectrum
Cyber linked with Information Technology, computers and the internet are the most commonly understood potential threats that everybody is aware of nowadays. In the case of National Cyber Strategy most efforts are given to these potential battlefields and threats. But is it enough to stay with these paradigms? Cyber warfare will look for utmost effects for chaos and misalignment of economy and therefore we cannot exclude the facts, that there is a potential threat also possible in the cut volumes between the information technology, the electromagnetic spectrum and its linked infrastructure and processes. We understand the technology for mobile telecommunications and data transfer, as the pro…
Information Influence in Society’s Information Environment : An Empirical Analysis Using the Grounded Theory
This paper investigates information influence in society’s Information Environment. The Grounded Theory approach was used to collect and to analyse the data. A conceptual framework of the thematic categories and item categories was developed on the basis of empirical evidence and past studies that reflect the findings of the field. The most fundamental components in this conceptual framework were six thematic categories (information influence, information operations, cyber operations, psychological operations, kinetic operations, and deception), their item categories, the items themselves, and the interrelationships between the thematic categories. The propositions regarding the thematic ca…
Drones in cyber security environment
Aerial unmanned vehicles (AUV) are currently used for a wide range of operations such as border surveillance, surveillance, reconnaissance, transport, aerial photography, traffic control, earth observation, communications, broadcasting and armed attacks. AUVs are presumed to be reliable, automated and autonomous machines. AUVs are extremely suitable for long missions that strain flight crews or put them to harm's way. Two advantages can be gained by eliminating the flight crew: 1) performance improves (range, endurance, increased payload and maneuverability, smaller physical size and lower observability) and; 2) the ability to take higher risks. UAV/RPAS/drone cyber security has largely foc…
Big datan tutkimus ja opetus Jyväskylän yliopistossa
Kyber on kaikkialla
Rhizomatic Target Audiences of the Cyber Domain
Target Audience Analysis (TAA) is a process of finding suitable target audiences for psychological operations (PSYOPS). Typically, a TAA is a one-way process with some kind of a feedback system. The cyber domain presents a challenge to this type of sequential, linear process by refusing to stay still while the process is being executed, possibly leading to results from yesterday’s data in an environment that no longer exists today. Another challenge is that identifiable human beings—the traditional targets of PSYOPS—are not the only inhabitants of the cyber domain. Physical devices, nicknames, IP addresses, networks, and a vast amount of data populate this environment, in which there are no…
Huippunopea kiinteä laajakaistaverkko : informaatioteknologian strateginen infrastruktuuri-investointi
APT Cyber-attack Modelling: Building a General Model
The global community continues to experience an increase in the scale, sophistication, and successful perpetration of cyber-attacks. As the quantity and value of electronic information have increased, so too have the efforts of criminals and other malicious actors who have embraced the Internet as a more anonymous, convenient, and profitable way of carrying out their activities. The systems are attacked more and more by single or multiple hacktivists, state sponsored hackers, cyber criminals, cyber terrorists, cyber spies, or cyber warfare warfighters. The cyber security approach requires a balance of cyber threat intelligence, real time cyber-attack detection and especially the cyber early…
IT-alan merkitys yhteiskunnassa ja tutkimus-ja innovaatiotoiminnan kehittäminen
Non-Kinetic Warfare : The New Game Changer in the Battle Space
Cyber warfare, information warfare, electronic warfare, command and control warfare, spectrum warfare. Those are only some of the names by which researchers and military experts describe their offensive and defensive non-kinetic actions. The reason for the diversity of the non-kinetic environment is the evolution of the military Electromagnetic Spectrum (EMS) and digital environment over 100 years. With the arrival of radio in the early 20th century, the militarization of the electronic operating environment began. The latest expansion is the formation of the cyber space. Also, the definitions vary significantly. There are differences between USA, Russia, China and NATO. Western countries t…
Cybersecurity risk assessment subjects in information flows
A modern society includes several critical infrastructures in which digitalization can have positive impacts on the levels of autonomy and efficiency in the use of infrastructure systems. Maritime transportation is an example of an infrastructure that currently needs development in the digitalization of its operations and processes. At the same time, maritime processes represent a large-scale cyber environment, thus trustable information distribution between system elements of the processes is needed. Since 2020, the Sea4Value / Fairway (S4VF) research program in Finland has been working to develop maritime digitalization which can lead to autonomy processes in the future. The first stage o…