Cyberattacks: Fortum Faces Increasing Threats to Its Infrastructures in Finland and Sweden

Fortum, a major player in the Finnish energy sector, is confronting a surge of cyberattacks and suspicious surveillance activities around its facilities in Finland and Sweden, likely orchestrated by Russian actors, heightening geopolitical tensions in the region.

Share:

Comprehensive energy news coverage, updated nonstop

8.25€/month*

*billed annually at 99€/year for the first year then 149,00€/year ​

Unlimited access • Archives included • Professional invoice

OTHER ACCESS OPTIONS

7-Day Pass

Up to 50 articles accessible for 7 days, with no automatic renewal

3 €/week*

FREE ACCOUNT

3 articles/month

FREE

*Prices are excluding VAT, which may vary depending on your location or professional status

Since 2021: 30,000 articles • 150+ analyses per week

Fortum, one of the leading companies in the Finnish energy sector, is experiencing daily cyberattacks and surveillance activities on its critical infrastructures in Finland and Sweden. These incidents include attempts to disrupt satellite connections, unidentified drone flyovers, and physical surveillance of energy production sites. This intensification of malicious activities appears to be linked to the deteriorating relations with Russia, following Finland and Sweden’s decision to join NATO after the 2022 invasion of Ukraine.

According to Fortum’s data, its energy production facilities, including hydroelectric, wind, solar, and nuclear power plants, have seen a significant increase in the number of cyberattacks since the beginning of 2024. GlobalData reported that the first quarter of 2024 recorded the highest number of attacks targeting critical infrastructures in the past four years. This trend seems to be exacerbated by the increased integration of renewable energy sources, which has expanded the attack surface for hackers.

The growing complexity of these cyberattacks is accompanied by new vulnerabilities, particularly within the older management and control systems of the facilities. As a result, Fortum has decided to strengthen its security protocols by adopting advanced technologies and implementing regular system updates. These measures aim to address both existing vulnerabilities and emerging threats, ensuring the resilience of their energy infrastructure against sophisticated cyber threats.

Fortum’s Response to Cyber Threats

To mitigate these risks, Fortum has implemented enhanced security measures, such as stricter access controls, deployment of private security personnel, and conducting emergency simulation drills in collaboration with local authorities. These initiatives are designed to minimize operational disruptions and safeguard critical energy assets. Additionally, Fortum has invested in advanced cybersecurity technologies, including intrusion detection systems and real-time monitoring solutions, to proactively identify and neutralize potential threats.

Cooperation with national security agencies remains limited, as attributing these attacks to state actors, particularly Russians, remains a sensitive issue. Nevertheless, Fortum’s officials acknowledge that Russian involvement is strongly suspected based on intelligence assessments and the nature of the attacks. This collaboration, albeit constrained, is crucial for sharing threat intelligence and coordinating responses to mitigate the impact of cyber incidents.

Geopolitical Context

Finland and Sweden’s accession to NATO has been perceived by Russia as a direct threat to its national security. In response, Moscow has intensified its intelligence and cyber-espionage operations against its Nordic neighbors. This situation has become particularly tense since Russia seized Fortum’s energy assets in its territory, valued at approximately $1.9 billion, in retaliation to European sanctions imposed following the Ukraine conflict.

Finnish and Swedish intelligence agencies have warned that Russia may seek to test the resilience of their energy infrastructures while collecting strategic information. Unidentified drone flyovers and attempts to disrupt Fortum’s satellite communications illustrate these efforts to create uncertainty and exert pressure on energy sector players. These actions are part of a broader strategy to destabilize the region’s energy security and gain leverage in geopolitical negotiations.

Moreover, the increased cyber activities coincide with Russia’s broader strategy to undermine Western alliances and assert its influence in Europe. By targeting critical infrastructure, Russia aims to weaken the economic stability and security of NATO member states, thereby diminishing their capacity to coordinate effectively within the alliance.

Perspectives for Fortum and the Energy Sector

Despite the increase in threats, Fortum states that the impact on its operations remains limited, highlighting the effectiveness of its protective measures. The company’s ability to maintain operational continuity amidst persistent attacks underscores the importance of robust cybersecurity frameworks in the energy sector. However, the persistence of these attacks indicates a long-term strategy aimed at assessing system robustness, gathering sensitive intelligence, or potentially disrupting energy supply chains in the region.

Looking ahead, Fortum and other companies in the sector will need to further strengthen their investments in cybersecurity and collaborate more closely with intelligence agencies to protect their critical infrastructures. The security of energy assets, in an unstable geopolitical context, could become a priority issue for the European Union as tensions with Russia continue to escalate. Enhanced international cooperation and information sharing will be essential in developing comprehensive defense strategies to counteract the evolving threat landscape.

Additionally, the energy sector must anticipate and prepare for the integration of emerging technologies that could both enhance operational efficiencies and introduce new vulnerabilities. As renewable energy sources become more prevalent, the sector must balance the benefits of modernization with the imperative of maintaining stringent security standards to protect against increasingly sophisticated cyber threats.

Aramco becomes Petro Rabigh's majority shareholder after purchasing a 22.5% stake from Sumitomo, consolidating its downstream strategy and supporting the industrial transformation of the Saudi petrochemical complex.
Chevron India expands its capabilities with a 312,000 sq. ft. engineering centre in Bengaluru, designed to support its global operations through artificial intelligence and local technical expertise.
Amid rising energy costs and a surge in cheap imports, Ineos announces a 20% workforce reduction at its Hull acetyls site and urges urgent action against foreign competition.
Driven by growing demand for strategic metals, mining mergers and acquisitions in Africa are accelerating, consolidating local players while exposing them to a more complex legal and regulatory environment.
Ares Management has acquired a 49% stake in ten energy assets held by EDP Renováveis in the United States, with an enterprise value estimated at $2.9bn.
Ameresco secured a $197mn contract with the U.S. Naval Research Laboratory to upgrade its energy systems across two strategic sites, with projected savings of $362mn over 21 years.
Enerflex Ltd. announced it will release its financial results for Q3 2025 before markets open on November 6, alongside a conference call for investors and analysts.
North Atlantic and ExxonMobil have signed an agreement for the sale of ExxonMobil’s stake in Esso S.A.F., a transaction subject to regulatory approvals and financing agreements to be finalised by the end of 2025.
The Canadian pension fund takes a strategic minority stake in AlphaGen, a 11 GW U.S. power portfolio, to address rising electricity demand from data centres and artificial intelligence.
Minnesota’s public regulator has approved the $6.2bn acquisition of energy group Allete by BlackRock and the Canada Pension Plan, following adjustments aimed at addressing rate concerns.
Statkraft continues its strategic shift by selling its district heating unit to Patrizia SE and Nordic Infrastructure AG for NOK3.6bn ($331mn). The deal will free up capital for hydropower, wind, solar and battery investments.
Petronas Gas restructures its operations by transferring regulated and non-regulated segments into separate subsidiaries, following government approval to improve transparency and optimise the group’s investment management.
Marubeni Corporation has formed a power trading unit in joint venture with UK-based SmartestEnergy, targeting expansion in Japan’s fast-changing deregulated market.
Exxon Mobil plans to reduce its Singapore workforce by 10% to 15% by 2027 and relocate its offices to the Jurong industrial site, as part of a strategic investment shift.
Phoenix Energy raised $54.08mn through a preferred stock offering now listed as PHXE.P on NYSE American, with an initial dividend scheduled for mid-October.
TotalEnergies plans to increase its energy production by 4% annually until 2030, while reducing global investments by $7.5bn amid what it describes as an uncertain economic environment.
Occidental Petroleum is considering selling its chemical subsidiary OxyChem for $10bn, a transaction that forms part of its deleveraging strategy launched after several major acquisitions.
ABO Energy is assessing a shift to independent power production by operating its own renewable parks, signalling a major strategic move in a market that has become more favourable.
Fortescue accelerates the decarbonisation of its operations by leveraging an international network of technology and industrial partners, targeting net zero at its mining sites by 2030.
Mexican state-owned company Pemex confirmed the partial acceptance of bond securities under its debt repurchase offer, with a total allocation of $9.9bn, following strong oversubscription.

All the latest energy news, all the time

8.25€/month*

*billed annually at 99€/year for the first year then 149,00€/year ​

Unlimited access - Archives included - Pro invoice

7 DAY PASS

Up to 50 items can be consulted for 7 days,
without automatic renewal

3€/week*

*Prices shown are exclusive of VAT, which may vary according to your location or professional status.

Since 2021: 30,000 articles - +150 analyses/week.