The Finnish company Fortum has been facing a significant increase in cyber threats recently. Marcus Rauramo, the General Director, discussed the details of these incidents in a recent interview .
Fortum operates not only in Finland but also in Sweden, Norway, Denmark, Baltic countries, Poland, and Russia. The company is involved in the production, distribution, and sale of electricity and heat supply, with a range of infrastructure including hydroelectric power stations, wind and solar power plants, nuclear power plants, and heat-electrocentrals. They are actively investing in renewable energy sources and are striving for carbon-neutral production, providing energy to residential buildings, large industrial enterprises, state institutions, medical centers, and other critical industries.
Rauramo revealed that Fortum faces daily cyber attacks and attempts at hacking their security systems. The company has observed suspicious activity around its energy facilities, including sightings of unknown individuals and unmanned aerial vehicles. Furthermore, Fortum has been experiencing interference in satellite communications, prompting them to seek assistance from Finnish authorities for investigation.
This concerning trend is not limited to Finland, as Rauramo stated that similar activity is also being detected in Sweden. Despite these challenges, Fortum has managed to fend off threats successfully with minimal impact on their operations. Yari Stenius, head of the security service, acknowledged the increasing number of incidents but noted that their ability to mitigate the effects has been effective.
In a move to enhance energy independence, Fortum made a strategic shift to American-made nuclear fuel from Westinghouse Electric last year. Previously, the Loviisa nuclear power plant in Finland relied on fuel from TVEL, a subsidiary of Rosatom. Fortum now exclusively sources uranium, fuel assemblies, and enrichment services from Western suppliers, marking a notable transition for the company.
Investigators are now focused on determining whether these cyber attacks have any political motivations behind