Finnish Intelligence Warns of Persistent Cyber Espionage From Russia, China

Finland’s latest security assessment underscores how state‑backed cyber espionage has become a routine instrument for Moscow and Beijing. Since SUPO’s 2023 restructuring to boost intelligence gathering, the agency has documented a steady stream of intrusions aimed at the nation’s high‑tech firms, university labs and government networks. Unlike opportunistic crime, these campaigns are coordinated with political influence objectives, blending stolen data with disinformation to sway public debate. The report warns that the digital threat landscape will not diminish, even as traditional diplomatic channels tighten. The persistence of these operations also pressures Finland to align its cyber‑defence standards with EU and NATO frameworks.

The assessment cites two high‑profile breaches that illustrate the scale of the problem. In 2020, the Vastaamo psychotherapy platform suffered a massive data exfiltration that was later linked to Russian actors, resulting in extortion attempts against thousands of patients. The same year, a breach of the Finnish parliament’s internal IT systems was attributed to China’s APT31 group, exposing legislative communications. Both incidents revealed vulnerabilities in critical infrastructure and prompted a wave of legal actions, highlighting how cyber‑espionage can quickly translate into financial loss and reputational damage for Finnish enterprises. The fallout prompted a national review of incident‑response protocols, emphasizing cross‑border cooperation with allied cyber agencies.

Finland’s NATO membership in 2023 has heightened its strategic profile, drawing greater attention from hostile intelligence services eager to undermine Western unity. The SUPO report notes that cyber attacks are now coupled with hybrid measures such as GPS jamming of aircraft and coordinated disinformation drives, creating a blended threat environment. Experts recommend tighter public‑private collaboration, accelerated deployment of AI‑driven threat‑intel tools, and stronger legal sanctions against state‑backed hackers to safeguard the Nordic digital ecosystem. Without decisive action, the convergence of digital and physical espionage could erode public trust in critical services.