"The Security Service has handled it and was able to identify the actor behind it. Fortunately, no serious consequences occurred because of a built-in protection mechanism," Bohlin said at a press conference.
The incident, which according to the minister is not the only one of a similar nature in Sweden, is an example of a changed modus operandi by Russia. The attacks differ from regular cyberattacks as they are directed at so-called operational systems (OT systems), which control critical infrastructure in society.
These attacks often aim to affect so-called OT systems. If they are disrupted, destroyed or remotely controlled by a threat actor, it can have serious consequences.
Poland was attacked
Poland was subjected to a similar, larger-scale attack at the end of last year, and it has also been noted that Norway and Denmark have been affected, Bohlin says.
Overall, this points to a changed, more risk-tolerant and more reckless behavior by Russia.
The government is taking the development seriously, and the authorities are prepared, according to Bohlin. Development work to further strengthen protection is underway, including in the new national cybersecurity center.
Take action
"Our work to deliver situational awareness, collaborate with key sectors of society and support operators before and during incidents and cyberattacks is now being expanded significantly," John Billow, head of the center, said at the press conference.
The center has produced a report with measures that organizations using OT systems should take.
Operational technology systems are often older, and cybersecurity aspects have not always been taken into account, which is why they can be vulnerable to attacks, according to Billow.
Organizations that have OT systems, especially those within critical infrastructure, need to prioritize cybersecurity efforts from management down, he says.
According to Billow, Sweden has a "security debt" in the area of cybersecurity.
"There are cutting-edge activities that are most worth protecting, but we need to raise the basic level. It is clear that investments will be required and security costs money, but the cost of the attacks that occur in the affected activities has so far been much higher," he tells TT.
