Cyber Incident Victim: Finland Election Result Service

On the weekend of April 6, 2019, Finland’s official election results portal (vaalit.fi) experienced intermittent disruptions due to a denial-of-service (DoS) attack. The National Bureau of Investigation (KRP) confirmed the attack occurred in the early hours of that weekend, characterizing it as short in duration and low in volume. The targeted service provided real-time election results to the public but operated independently from vote casting and counting systems, ensuring no impact on electoral integrity. Arto Jääskeläinen, head of electoral administration at the Ministry of Justice, clarified that vaalit.fi primarily served smaller news outlets, while major media organizations like YLE and Helsingin Sanomat received results through a separate secure connection. The attack caused temporary accessibility issues but did not compromise data accuracy or availability for critical stakeholders.

KRP launched an investigation into the incident, tentatively classifying it as aggravated interference with communications under Finnish law. No suspects were identified during the initial phase. Detective Chief Inspector Marko Leponen of KRP’s Cybercrime Centre noted authorities had anticipated potential cyber threats during elections, emphasizing that high-profile public services often attract such attacks. The incident drew public attention when Green League chairperson Pekka Haavisto described it as a serious threat to democratic processes, advocating for continued reliance on paper-based voting safeguards. The disruptions remained confined to the public-facing portal, with no evidence of data manipulation or broader system infiltration. Finnish officials reiterated the resilience of election infrastructure while acknowledging the persistent risk of cyber incidents targeting visibility-focused platforms.