Cyberattacks: Fortum Faces Increasing Threats to Its Infrastructures in Finland and Sweden

Fortum, a major player in the Finnish energy sector, is confronting a surge of cyberattacks and suspicious surveillance activities around its facilities in Finland and Sweden, likely orchestrated by Russian actors, heightening geopolitical tensions in the region.

Partagez:

Fortum, one of the leading companies in the Finnish energy sector, is experiencing daily cyberattacks and surveillance activities on its critical infrastructures in Finland and Sweden. These incidents include attempts to disrupt satellite connections, unidentified drone flyovers, and physical surveillance of energy production sites. This intensification of malicious activities appears to be linked to the deteriorating relations with Russia, following Finland and Sweden’s decision to join NATO after the 2022 invasion of Ukraine.

According to Fortum’s data, its energy production facilities, including hydroelectric, wind, solar, and nuclear power plants, have seen a significant increase in the number of cyberattacks since the beginning of 2024. GlobalData reported that the first quarter of 2024 recorded the highest number of attacks targeting critical infrastructures in the past four years. This trend seems to be exacerbated by the increased integration of renewable energy sources, which has expanded the attack surface for hackers.

The growing complexity of these cyberattacks is accompanied by new vulnerabilities, particularly within the older management and control systems of the facilities. As a result, Fortum has decided to strengthen its security protocols by adopting advanced technologies and implementing regular system updates. These measures aim to address both existing vulnerabilities and emerging threats, ensuring the resilience of their energy infrastructure against sophisticated cyber threats.

Fortum’s Response to Cyber Threats

To mitigate these risks, Fortum has implemented enhanced security measures, such as stricter access controls, deployment of private security personnel, and conducting emergency simulation drills in collaboration with local authorities. These initiatives are designed to minimize operational disruptions and safeguard critical energy assets. Additionally, Fortum has invested in advanced cybersecurity technologies, including intrusion detection systems and real-time monitoring solutions, to proactively identify and neutralize potential threats.

Cooperation with national security agencies remains limited, as attributing these attacks to state actors, particularly Russians, remains a sensitive issue. Nevertheless, Fortum’s officials acknowledge that Russian involvement is strongly suspected based on intelligence assessments and the nature of the attacks. This collaboration, albeit constrained, is crucial for sharing threat intelligence and coordinating responses to mitigate the impact of cyber incidents.

Geopolitical Context

Finland and Sweden’s accession to NATO has been perceived by Russia as a direct threat to its national security. In response, Moscow has intensified its intelligence and cyber-espionage operations against its Nordic neighbors. This situation has become particularly tense since Russia seized Fortum’s energy assets in its territory, valued at approximately $1.9 billion, in retaliation to European sanctions imposed following the Ukraine conflict.

Finnish and Swedish intelligence agencies have warned that Russia may seek to test the resilience of their energy infrastructures while collecting strategic information. Unidentified drone flyovers and attempts to disrupt Fortum’s satellite communications illustrate these efforts to create uncertainty and exert pressure on energy sector players. These actions are part of a broader strategy to destabilize the region’s energy security and gain leverage in geopolitical negotiations.

Moreover, the increased cyber activities coincide with Russia’s broader strategy to undermine Western alliances and assert its influence in Europe. By targeting critical infrastructure, Russia aims to weaken the economic stability and security of NATO member states, thereby diminishing their capacity to coordinate effectively within the alliance.

Perspectives for Fortum and the Energy Sector

Despite the increase in threats, Fortum states that the impact on its operations remains limited, highlighting the effectiveness of its protective measures. The company’s ability to maintain operational continuity amidst persistent attacks underscores the importance of robust cybersecurity frameworks in the energy sector. However, the persistence of these attacks indicates a long-term strategy aimed at assessing system robustness, gathering sensitive intelligence, or potentially disrupting energy supply chains in the region.

Looking ahead, Fortum and other companies in the sector will need to further strengthen their investments in cybersecurity and collaborate more closely with intelligence agencies to protect their critical infrastructures. The security of energy assets, in an unstable geopolitical context, could become a priority issue for the European Union as tensions with Russia continue to escalate. Enhanced international cooperation and information sharing will be essential in developing comprehensive defense strategies to counteract the evolving threat landscape.

Additionally, the energy sector must anticipate and prepare for the integration of emerging technologies that could both enhance operational efficiencies and introduce new vulnerabilities. As renewable energy sources become more prevalent, the sector must balance the benefits of modernization with the imperative of maintaining stringent security standards to protect against increasingly sophisticated cyber threats.

Pedro Azagra leaves his role as CEO of Avangrid to become CEO of Iberdrola, while Jose Antonio Miranda and Kimberly Harriman succeed him as CEO and Deputy CEO respectively of the American subsidiary.
The US investment fund Ares Management enters Plenitude's capital by acquiring a 20% stake from Eni, valuing the Italian company at 10 billion euros and reinforcing its integrated energy strategy.
ENGIE secures a contract to reduce Airbus' industrial emissions in France, Germany, and Spain, targeting an 85% decrease by 2030 through various local energy infrastructures.
Alain Rhéaume, Chairman of Boralex’s Board of Directors for eight years, will leave his position by December, following the appointment of his successor by the governance committee of the Canadian energy group.
Norwegian group Statkraft plans an annual cost reduction of NOK2.9bn ($292 million) by 2027, citing possible job cuts amid rising financial burdens and volatility in the European energy market.
EDF merges EDF Renouvelables and its International Division into EDF power solutions, led by Béatrice Buffon, to optimise its global 31 GW low-carbon energy portfolio and strengthen its international positioning.
TotalEnergies announces a strategic partnership with Mistral AI to establish a dedicated innovation laboratory integrating artificial intelligence tools aimed at enhancing industrial efficiency, research, and customer relations.
The Energy Transitions Commission warns of economic risks tied to growing protectionism around clean technologies, while calling for global consensus on carbon pricing.
Baker Hughes has reached an agreement to sell its precision sensor product line to Crane Company for $1.15bn, thereby refocusing its operations on core competencies in industrial and energy technologies.
American conglomerate American Electric Power sold 19.9% of two transmission subsidiaries to KKR and PSP Investments, raising $2.82bn to support its five-year $54bn investment plan.
The new mapping by Startup Nation Central identifies 165 active companies in Israel’s energy technologies, amid strong private funding and growing global market interest.
The new CEO of EDF, Bernard Fontana, aims to achieve €1 billion in operational cost savings for the French energy giant by 2030, prioritizing industrial contracts and the national nuclear sector.
CMS Energy Corporation has announced a cash tender offer for debt securities totalling $125 million, issued by Consumers Energy. The offer expires on July 3, 2025, with priority given to bonds submitted before June 17, 2025.
Vermilion Energy is exiting the U.S. market permanently by selling its assets for C$120mn ($87.88mn), refocusing its operations on Canada and Europe while reducing its debt and investment budget.
In 2024, Italian energy giant Eni paid approximately €8.4 billion to various global governments. These payments, primarily concentrated in Africa and Asia, reflect its commitments in the international energy sector.
The International Energy Agency projects a record-high global energy investment in 2025, driven by electricity and low-carbon technologies despite geopolitical and economic uncertainty.
The Czech regulatory authority launches an investigation into suspected collusion involving several major actors in the awarding of a thermal power plant, putting transparency of a strategic transaction for the energy sector at stake.
The Democratic Republic of Congo is set to replace its temporary ban on cobalt hydroxide exports with quotas, aiming to balance global demand, secure revenue, and stabilize market fluctuations.
European Energy secured EUR 145mn in financing from SEB and Swedbank to support wind, solar, and storage assets in Lithuania, reinforcing its regional expansion strategy.
Greenvolt Group finalised the sale of 28 solar and wind projects to Transiziona, valued at €195mn, bringing total asset sales to €530mn in 2025 as part of its pan-European strategy.