Finnish ‘Cyber War Room’ beats hackers at their own game
As the world becomes increasingly digital, so do the threats it faces. A Finnish research laboratory has harnessed the powers of attack testing and public-private co-operation to stay one step ahead of cybercrime.
There is a team of researchers in Finland who spend their days plotting complex cyber attacks. Instead of malicious purposes, these ethical hackers use their skills to detect security vulnerabilities and help companies prepare for numerous cyber threats. This is not the premise for a science fiction film, but how the VTT (Technical Research Centre of Finland) ‘Cyber War Room’ security laboratory operates.
“Our cyberlab is a completely isolated space with its own mini-Internet. It is a test environment that is not connected to the outside world,” explains Reijo Savola, principal scientist at VTT.
The Cyber War Room offers businesses and public organisations a safe environment to subject their devices and systems to highly realistic cyber attacks. Companies gain knowledge on their vulnerabilities, while VTT’s research team uses the data to develop new tools to tackle cyber threats ranging from malware to political espionage.
Although Savola cannot name any of the lab’s customers for security reasons, its combination of collaborative approach and advanced technology is what makes the Cyber War Room unique. Any organisation can now have their security capabilities tested in the cyberlab instead of just relying on estimates.
“Other research organisations do not have similar labs at their disposal,” says Savola. “Many security companies have their own test environments, but they focus on their own operations and enhancing their own products… There is more demand for the Cyber War Room than our capacity at the moment.”
VTT represents the largest independent cybersecurity research team in Finland and a key part of its operations is international co-operation. In fact, the Cyber War Room opened a year ago as part of an EU-wide research programme ‘Safe and Secure European Routing’ (SASER). VTT led the programme’s network security-focused Finnish research group, which included industry partners 2NS Second Nature Security, EXFO, MPY Palvelut and Intel Security.
In a project like SASER, companies both contribute to the programme’s wider goals and use the research for their own R&D. Savola believes VTT has an important role to play in supporting companies to create new business and innovations.
“Small and medium size companies [SMEs] are our field. They don’t have the same research resources as big corporations and we act as their research centres,” explains Savola. “Typically we develop proof-of-concepts and prototypes in these projects and then the companies continue their commercialisation.”
A prime example comes from SASER. The programme gave Helsinki-based company 2NS the tools it needed to develop its first software product, a security monitoring service called ‘Morpheus’. It alerts users to any security problems and vulnerabilities in their systems and even helps to predict upcoming cyber attacks, yet it takes only a few minutes to set up.
Morpheus represents a big step for 2NS as the company previously focused solely on expert services for security testing and auditing.
“We had the idea, but would we as an expert company have started to build Morpheus if we wouldn’t have received support from VTT and funding from Tekes [the Finnish Funding Agency for Innovation]? Probably not,” says Mika Holmberg, CEO of 2NS. “But now we have a globally scalable product which is unlike anything else on the market.”
After its positive initial experience, 2NS is now participating in the follow-up phase of the SASER programme. This will focus on monitoring methods for next generation networks, such as 5G. Holmberg believes these kinds of programmes offer unique opportunities for SMEs.
“VTT does a lot of great research in the cyber sector which we in the research programme can use for new ideas and products,” Holmberg says. “The next programme, for instance, will include adaptable, self-learning systems on which VTT has done plenty of work. We will be able to introduce these features into our new cybersecurity solutions.”
Both Holmberg and Savola agree on the main strengths of the Finnish cybersecurity sector: high-level expertise and tight cooperation between companies and research organisations, all the way to governmental level. VTT’s Cyber War Room is a successful manifestation of these strengths and the plan is now to grow it into an internationally significant research resource. Demand will not be a problem:
“The internet and networks are continuously expanding everywhere. Soon everything will start to communicate via the Internet – fridges, saunas, cars, buildings,” Holmberg describes. “Cybersecurity investments are needed so any security holes can be blocked from the start.”
Text: Eeva Haaramo