In the wake of the pandemic, Sweden has launched a new strategy for supply contingency, in which the private sector is expected to play a greater role in guaranteeing key societal functions. The access to detailed data about goods and services is highlighted as a key factor, which means that the need to protect critical IT systems from cyberattacks is more urgent than ever.
A large proportion of Sweden’s socially critical infrastructure and activities can currently be found in the private sector. This includes transport networks, banking systems and energy systems.
In the near future, when it has been proposed that small and medium-sized companies will become more involved in the extended national defence and part of supply contingency, high levels of cyber security will be required. The importance of information security is even greater in a crisis situation.
Several notable cyberattacks have been carried out against Swedish targets in recent years, including the ransomware attacks against Coop and the listed companies Addtech, Gunnebo and Mekonomen. Then there is the hidden number of cases that never become public knowledge.
– “It seems that fraudsters consider it more profitable to go after large companies. I have seen a trend in ransomware in which they chase companies for millions of dollars instead of chasing private individuals for smaller amounts of money,” says Rolf Blom, Security and Encryption Expert at RISE.
Sweden is generally considered one of the most digitalised societies in the world, but our cyber defence of our increasingly integrated IT systems and cloud services is mediocre.
– “In my experience, expertise varies greatly depending on the size of the organisation. There is cutting-edge expertise in many fields but it is not broad enough to cover all needs.
– “And there is always room to improve. Criminals and bandits only need to be the best in one area, while defence needs to be the best in all areas,” Blom says.
Nearly 100 RISE employees currently work on security certifications. This expertise has been developed through a number of development projects and multi-year research projects. In addition to cutting-edge expertise in IoT security, there are also resources dealing with the cloud, 5G and AI, to name but a few. The latest addition to the arsenal is the Cyber Range in Kista, a physical and virtual facility for education and training on attacks and defence of IT systems.
– “What is so special about our Cyber Range is that it is possible to create a parallel solution and virtually configure a digital twin of the customer’s system in a secure environment.
Criminals and bandits only need to be the best in one area, while defence needs to be the best in all areas
The major benefit is that testing and training can be implemented using the same systems, networks and software used for everyday work situations. Problems and solutions can be discussed in absolute confidence and without any risk of leaks.
– “The starting point is the many usual questions relating to much of IT hygiene,” Blom notes. So:
One lesson learned from the successful cyberattacks that have taken place in recent years must also be emphasised: consider having your environment tested by an external party to identify any security holes. An attack vector that has been snuck in through an update causes less damage in a closed virtual environment than it would in your production system.