Between September 22 and 25, 2025, Finland faced a sustained and coordinated cyber assault targeting critical state infrastructure. The attack involved a massive distributed denial-of-service (DDoS) campaign that disrupted official websites of all parliamentary parties, the Ministry of Defence, the Ministry of the Interior, the Government Council, and the Supreme Court. According to the Finnish Transport and Communications Agency Traficom, the assault was carried out by the pro-Russian hacker group NoName 057(16), which also inflicted collateral damage to several Ukrainian websites.
Disruption of critical services across Europe
This incident follows a broader wave of cyber incidents earlier in the month. On September 19–20, major European airports—including those in Berlin, Brussels, and London—suffered similar attacks targeting registration and boarding systems. Berlin’s airport, in particular, reported disruptions lasting several days, resulting in numerous flight delays and cancellations. Law enforcement agencies across Europe have noted that 2025 has seen a sharp escalation in cyberattacks by pro-Russian groups, often targeting government websites, critical infrastructure, and even electoral systems.
NoName 057(16) and hybrid warfare tactics
The Finnish cyberattack fits a pattern of persistent operations by NoName 057(16), which routinely announces targets in advance and invites other hackers to join its campaigns. Such tactics are part of a wider strategy by Russian state-linked actors employing sabotage and disruption methods—ranging from arson of warehouses and damage to undersea cables to GPS interference and online recruitment of third-country nationals. These cyber activities are increasingly recognized as components of a broader hybrid warfare strategy aimed at destabilizing European democracies, undermining public trust in institutions, and weakening support for Ukraine among EU and NATO members.
European response and resilience measures
In reaction to rising threats, the European Union is advancing the “European Shield for Democracy” initiative, designed to counter hybrid threats such as cyberattacks, disinformation campaigns, and election interference. European governments are also reinforcing cyber defenses and strengthening cross-border cooperation within EU and NATO frameworks. Analysts warn that the continuation of such attacks risks eroding the stability of democratic systems, making coordinated European resilience efforts increasingly critical.
Finland’s recent cyberattack underscores the growing urgency for robust cybersecurity frameworks and real-time intelligence sharing among allies to safeguard political processes and critical infrastructure.
