Fortum, one of the leading companies in the Finnish energy sector, is experiencing daily cyberattacks and surveillance activities on its critical infrastructures in Finland and Sweden. These incidents include attempts to disrupt satellite connections, unidentified drone flyovers, and physical surveillance of energy production sites. This intensification of malicious activities appears to be linked to the deteriorating relations with Russia, following Finland and Sweden’s decision to join NATO after the 2022 invasion of Ukraine.
According to Fortum’s data, its energy production facilities, including hydroelectric, wind, solar, and nuclear power plants, have seen a significant increase in the number of cyberattacks since the beginning of 2024. GlobalData reported that the first quarter of 2024 recorded the highest number of attacks targeting critical infrastructures in the past four years. This trend seems to be exacerbated by the increased integration of renewable energy sources, which has expanded the attack surface for hackers.
The growing complexity of these cyberattacks is accompanied by new vulnerabilities, particularly within the older management and control systems of the facilities. As a result, Fortum has decided to strengthen its security protocols by adopting advanced technologies and implementing regular system updates. These measures aim to address both existing vulnerabilities and emerging threats, ensuring the resilience of their energy infrastructure against sophisticated cyber threats.
Fortum’s Response to Cyber Threats
To mitigate these risks, Fortum has implemented enhanced security measures, such as stricter access controls, deployment of private security personnel, and conducting emergency simulation drills in collaboration with local authorities. These initiatives are designed to minimize operational disruptions and safeguard critical energy assets. Additionally, Fortum has invested in advanced cybersecurity technologies, including intrusion detection systems and real-time monitoring solutions, to proactively identify and neutralize potential threats.
Cooperation with national security agencies remains limited, as attributing these attacks to state actors, particularly Russians, remains a sensitive issue. Nevertheless, Fortum’s officials acknowledge that Russian involvement is strongly suspected based on intelligence assessments and the nature of the attacks. This collaboration, albeit constrained, is crucial for sharing threat intelligence and coordinating responses to mitigate the impact of cyber incidents.
Geopolitical Context
Finland and Sweden’s accession to NATO has been perceived by Russia as a direct threat to its national security. In response, Moscow has intensified its intelligence and cyber-espionage operations against its Nordic neighbors. This situation has become particularly tense since Russia seized Fortum’s energy assets in its territory, valued at approximately $1.9 billion, in retaliation to European sanctions imposed following the Ukraine conflict.
Finnish and Swedish intelligence agencies have warned that Russia may seek to test the resilience of their energy infrastructures while collecting strategic information. Unidentified drone flyovers and attempts to disrupt Fortum’s satellite communications illustrate these efforts to create uncertainty and exert pressure on energy sector players. These actions are part of a broader strategy to destabilize the region’s energy security and gain leverage in geopolitical negotiations.
Moreover, the increased cyber activities coincide with Russia’s broader strategy to undermine Western alliances and assert its influence in Europe. By targeting critical infrastructure, Russia aims to weaken the economic stability and security of NATO member states, thereby diminishing their capacity to coordinate effectively within the alliance.
Perspectives for Fortum and the Energy Sector
Despite the increase in threats, Fortum states that the impact on its operations remains limited, highlighting the effectiveness of its protective measures. The company’s ability to maintain operational continuity amidst persistent attacks underscores the importance of robust cybersecurity frameworks in the energy sector. However, the persistence of these attacks indicates a long-term strategy aimed at assessing system robustness, gathering sensitive intelligence, or potentially disrupting energy supply chains in the region.
Looking ahead, Fortum and other companies in the sector will need to further strengthen their investments in cybersecurity and collaborate more closely with intelligence agencies to protect their critical infrastructures. The security of energy assets, in an unstable geopolitical context, could become a priority issue for the European Union as tensions with Russia continue to escalate. Enhanced international cooperation and information sharing will be essential in developing comprehensive defense strategies to counteract the evolving threat landscape.
Additionally, the energy sector must anticipate and prepare for the integration of emerging technologies that could both enhance operational efficiencies and introduce new vulnerabilities. As renewable energy sources become more prevalent, the sector must balance the benefits of modernization with the imperative of maintaining stringent security standards to protect against increasingly sophisticated cyber threats.
