Cyber Incident Victim: Eduskunta

On August 9, 2022, the Finnish Parliament’s external websites became inaccessible for several hours due to a distributed denial-of-service (DDoS) attack conducted by pro-Russian threat actors. The Parliament confirmed the incident in a public statement, noting collaboration with service providers and the Cybersecurity Center to mitigate the attack’s impact. The hacker group NoName057(16) claimed responsibility through their Telegram channel, explicitly linking the attack to Finland’s pursuit of NATO membership. They described the incident as a "friendly visit" in response to Finnish authorities’ eagerness to join the alliance. The timing coincided with U.S. President Joe Biden’s formal signing of documents endorsing Finland and Sweden’s NATO accession. Finland had formally applied for NATO membership on May 18, 2022, amid heightened regional tensions following Russia’s full-scale invasion of Ukraine in February 2022.

NoName057(16) had previously partnered with another pro-Russian group, Killnet, in late June 2022 to execute DDoS attacks against nations supporting Ukraine. The group openly declared hostilities against NATO and Ukraine-aligned states, framing their actions as retaliation for Western involvement in the Ukraine conflict. This incident occurred against a backdrop of reciprocal cyber operations between pro-Ukrainian and pro-Russian factions, with groups like Anonymous and Ukraine’s IT Army targeting Russian infrastructure since the war’s onset. The United Nations reported widespread displacement of over 12 million Ukrainians and documented severe human rights violations in Russian-occupied territories, contributing to Russia’s suspension from the UN Human Rights Council. The Finnish Parliament’s website disruption represented a localized component of this broader geopolitical cyber conflict, with no additional technical details or secondary impacts disclosed beyond the temporary unavailability of public-facing web services.