Psychotherapy center Vastaamo website. LEHTIKUVA


As one of the first countries to make internet access legal, Finland has always been at the cusp of cybersecurity.

However, with most citizens online, this does put a target on its back. And several major data breaches have caused headlines worldwide.

So, how exactly does Finland respond to a cyber threat? What lessons can other countries and companies learn from these events? And just how can you apply these actions to your organization? Read on to find out.

Finland and its record on cybersecurity

Research from Reboot Digital PR in 2022 found that Finland had the lowest cyber danger score worldwide at just 12.6. This starkly contrasts with countries like the United States, which scored a worrying 62.4 in cybersecurity.

Finland scored well because it had fewer phishing sites and only 11 compromised computers per 100,000 users. However, despite this impressive score, the country has still been the subject of some notable data breaches.

Some of these have inspired real change in how businesses worldwide view cybersecurity. Below are some of the data breaches that we can learn from:

1. Data breach on Finnish healthcare services

One of Finland's most significant data breaches was against healthcare facilities. In 2020, hackers seized sensitive data from the psychotherapy service Vastaamo. Over 25 centers were affected, compromising private medical records and therapist notes.

It's estimated that over 30,000 people have received blackmail threats from the hackers. They demanded payment, threatening to leak sensitive files on the dark web.

How did this enormous breach happen? An investigation found that Vastaamo did not encrypt or anonymize sensitive patient data. Furthermore, their security practices were "wholly inadequate." Even worse, hackers accessed patient records as early as 2018. The security flaw existed for six months before being patched.

2. Cyberattack on Finnish communications

As the only commercial news agency, STT is essential to Finnish media. But in 2022, a distributed denial of service attack (DDoS) forced the agency to shut down some of its servers.

The attack restricted the agency's news and image distribution for some days. Due to a possible data breach of sensitive information, a report was sent to the Data Protection Ombudsman.

In response to the breach, STT shared notes with other news organizations throughout Europe. This helped to better prepare them for similar cyberattacks launched at news organizations.

3. Cyberattacks on the Finnish banking sector

With over 180 banks and 2 million customers, The OP Financial Group is one of Finland's largest financial organizations. It was, and remains, a prime target for hackers.

In 2021, it suffered two significant cyberattacks. The first saw a DDoS attack against the bank's login service, which had to be put in a maintenance state. Thankfully, the bank restored services within a few hours that day.

But later that week, phishing messages posing as the bank were sent to customers. The messages included malicious links that, once clicked, would defraud the customer.

Despite containing these attacks, the incident has put OP Financial Group on the map for future attacks. The OP Financial Group's CISO recently confirmed that there had been a 200% increase in DDoS attacks in 2023 compared to 2022.

4. Cyberattack on the Finnish parliament

In 2022, the Finnish parliament was the victim of a DDoS cyberattack, which firmly placed the issue of cybersecurity in the public eye. The attack occurred during an address by Ukrainian President Volodymyr Zelenskyy.

The attack slowed down the website hosting the president's address or prevented users from accessing it. Although no data was seized in the attack, it caused widespread embarrassment and panic for the government.

It is thought that the motive behind the attack was because of the Russian invasion of Ukraine and of Finland's application to join NATO.

5. Data breach on Finnish air travel

In 2021, the basic information of over 200,000 clients of the country's national airline, Finnair, was breached. This was done by hacking a service company attached to the airline, which handled frequent flier information.

Information seized included customer names, numbers, seating, and meal requests. While no financial information was stolen, customers were still asked to change account passwords.

Other airlines affected by the breach included United Airlines and Malaysia Airlines. This breach highlights the importance of vetting supply chain services on data compliance.

What can we learn from Finland's response to cyber breaches?

Despite suffering severe cyberattacks, there are a lot of things we can learn from Finland. Below are some strategies you can use to strengthen your cybersecurity:

1. Using encryption software

One reason the Vastaamo data breach was so significant was that sensitive patient information was an easy target for hackers. If the company had used encryption, this would have reduced the breach significantly.

Thankfully, there are many ways of implementing encryption into your everyday business. One of the easiest ways is using a virtual private network (VPN) across businesses.

What is a VPN? It's a cybersecurity tool that encrypts internet connections. This protects data sent and received and prevents anyone from being able to monitor online activity. Workers can use a VPN to access sensitive data, such as patient records, without compromising their integrity or security.

Moreover, premium VPN services go beyond securing internet connections. They offer dark web monitoring to notify about compromised personal information and malware detection to prevent harmful software downloads.

2. Exchanging information

The World Economic Forum has stressed that companies must share information about data breaches. It helps upskill entire industries and ensures compliance between countries.

This is evident in the case of the Finnish news agency STT. By sharing their notes with other news agencies across Europe, they helped prevent similar attacks.

This information sharing is vital to staying one step ahead of opportunistic hackers. Especially since hackers are often politically motivated, communication businesses must stand united.

3. Improving legislation

Another core strength of Finland's cybersecurity is its government. They are constantly implementing robust legislation and improving policies.

The Finnish cyber security strategy was created in 2013, revised in 2019, and will receive further updates by 2024. This document highlights cybersecurity in everyday life. It also maps out the responsibilities authorities must follow.

In many of the data breaches this article has explored, reports to the Data Protection Ombudsman ensure that governments are up-to-date with issues across the country.

The final word

Hackers do not discriminate when it comes to launching a cyberattack. They will target any country and businesses of any size to get what they want. But by examining a specific country's approach, we stand to learn a great deal about how to defend ourselves.

As this article has shown, Finland has encountered and overcome many attacks. Companies worldwide can mount a similar defense against rising threats by normalizing encryption technologies and exchanging information.