Everything Has Been Disclosed. The Source Has Been Destroyed,
But The Attacks Continue, and Tensions Rise
Hacker groups target Denmark and Sweden, while Russia poses a growing security threat, says Swedish Security Services. Learn more.
Everything Has Been Disclosed. The Source Has Been Destroyed, But The Attacks Continue, and Tensions Rise
The recent cyber attacks on Danish hospitals and airports have raised concerns about the security of critical infrastructure and the source of these attacks. While some are questioning whether the attacks are the work of a hacker group or fake news, the Swedish Security Services have warned about the increasing threats to Sweden’s security, focusing on disinformation campaigns from Russia. According to Säpo, the long-term threat from China is also growing, while Iran remains a tangible security threat.
Amid rising tensions, questions are being raised about who is behind these attacks and their agenda. Some suggest that fake news may fuel the story and divert attention from other issues. But regardless of the source of the attacks, it is clear that cybersecurity threats are a growing concern for governments, businesses, and individuals alike. As the world becomes increasingly interconnected, the potential for cyber attacks to disrupt critical infrastructure, steal sensitive data, and sow chaos and confusion is only growing.
Against this backdrop, it is more important than ever to take cybersecurity seriously and to develop effective strategies for preventing, detecting, and responding to cyber threats. This requires technical expertise and an understanding of the human factors that drive cybercrime and the geopolitical context in which it operates. As Brett Johnson, former US Most Wanted Cybercriminal, has argued, understanding the criminal mindset and using deception as a tool can be critical in combating cybercrime. Only by staying one step ahead of the attackers can we hope to stay safe in an increasingly interconnected world.
Danish Hospitals Under Cyber Attack
Late on February 26, a hacking group named Anonymous Sudan launched DDoS attacks on nine Region H hospitals in Denmark, causing their websites to go offline for several hours. The group emerged a month ago and is believed to be politically motivated and based in Russia.
They warned of further attacks against Denmark’s healthcare infrastructure in retaliation for an alleged far-right activist’s burning of a Koran in front of the embassy of Turkey in Stockholm. However, the attack had limited impact, and the impacted sites were back to their regular operation after a few hours of downtime.
Anonymous Sudan is unrelated to a group of the same name that launched attacks in 2019. This latest attack is part of a growing trend of nation-backed cyberattacks against countries with NATO ties. Russia-backed threat groups have been targeting NATO members’ critical infrastructure with coordinated DDoS attacks since the start of the year.
Anonymous Sudan has recently joined the Russian Killnet collective and has targeted the U.S. health sector, but unlike other hacktivist groups, they do not use illegal botnets for their attacks. Instead, they use a paid cluster of servers hosted in Germany.
Threats to Sweden’s Security Are Increasing
Sweden is facing increasing security threats, mainly from Russia, as per the latest report from the Swedish Security Services (Säpo) released last month. The report states that Russia, China, and Iran are posing a severe threat to Sweden’s security, including cyber attacks and disinformation campaigns.
Charlotte von Essen, the head of the Security Service, mentioned that “Sweden’s security is being challenged from several directions.” The threat to Sweden is becoming more complex as several authoritarian countries interact to a greater extent than before, the security agency states.
In particular, the report singles out Russia as the greatest threat, partly because President Vladimir Putin’s regime is inclined to take significant risks. According to Säpo, Russia conducts extensive intelligence activities against Sweden, viewing it as part of Europe, NATO, and the collective West. This perception means that Sweden must prepare itself for an increase in the number of security-threatening activities from Russia.
China is also considered a long-term and growing threat by Säpo, while Iran is described as a tangible security threat. In recent months, Sweden has faced an increased threat of attacks fueled, in particular, by the Quran-burning incident near the Turkish embassy in Stockholm last month. As a result, the terror threat level in Sweden remains elevated, at level three on a five-point scale.
Säpo also highlighted the persistent threat of attacks from violent Islamist extremism and violent right-wing extremism. Conspiracy theories and anti-state messages widely spread online contribute to the growing extremism, posing a broader threat to Sweden’s constitution. According to von Essen, “this development means that the agendas of foreign powers and violent extremists often coincide.”
Despite the increasing threats, Säpo noted that Sweden is lacking in protecting security-sensitive activities across sectors, which could lead to the disclosure of information about the country’s defence capabilities.
Cyber Threats Rise in Nordics in Response to NATO Applications
Sweden and Finland have increased their alert levels for cyberattacks due to concerns about increased hacking risks resulting from the ongoing war in Ukraine and the two countries’ subsequent applications to join NATO.
Although cybersecurity officials in both countries have not seen an increase in attacks targeting critical infrastructure since Russia invaded Ukraine in February last year, they say both countries are becoming more attractive targets for hacking groups with Russian connections.
Hackers with links to Russia may try to sway the process by defacing Swedish websites and spreading disinformation online. The possibility of long-term espionage campaigns after the countries become NATO members and cyberattacks in retaliation for joining are also concerns.
As a result, the Swedish and Finnish governments have raised alert levels and warned about cyber threats targeting domestic companies and infrastructure. Cybersecurity agencies receive more notifications and requests for information from concerned individuals and companies. Officials attribute the increase to growing awareness and public concern about cyber threats.