Financial sector cyber exercise attacked digital services and piloted exercise environment

Marko Vatanen, Henri Heinonen, Tehi Palletvuo ja Tero Kokkonen sitting on sofas, having a conversation.
MORE INFORMATION
Profile picture
Tero Kokkonen
Director
Jamk Institute of Information Technology

News in Finnish: Finanssialan kyberharjoituksessa hyökättiin digitaalisiin palveluihin ja pilotoitiin harjoitusympäristöä – ePressi

More than twenty organizations in the financial sector participated in the cyber exercise organized by Jamk University of Applied Sciences (Jamk) and the National Emergency Supply Agency on 10.–12.12.2024. Cyber exercise was focused on financial sector to pilot dedicated cyber range environments and co-operations in cyber incidents.

The financial sector cyber exercise organized jointly by Jamk and the National Emergency Supply Agency involved large-scale cyber attacks. The exercise environment piloted in the exercise provides an opportunity to practice even the most serious cyber incidents. During the exercise, the situation became so critical that, for instance, securities trading operations were halted.

“The exercise had successfully taken into account changes in the current security environment, key threats and disruptions in the industry, and the interdependencies between organizations in the sector”, says Tehi Palletvuori, Chief Preparedness Specialist of National Emergency Supply Agency.

The exercise and exercise environment were implemented by JYVSECTEC (Jyväskylä Security Technology), a research, development and training center located at Jamk’s Institute of Information Technology. Participants from over twenty organizations in the finance, insurance, and financial administration sectors gathered at the center’s facilities for exercising.

Digital services depend on the security of systems

Financial sector organizations offer digital services for payment transfer, pension management, insurance and saving, among other things. In the exercise, the aim was to disrupt and prevent the operation of service-related systems with various cyber attacks.

“It is important to be able to practice the effects of cyber attacks on different systems, because even in the real world, for example, most financial transactions pass in bits through different systems”, says Marko Vatanen, Chief Technology Officer of JYVSECTEC.

The cyber exercise environment designed for use by the sector has been modelled not only on the technical systems and services of the organizations participating in the exercise, but also on the connections between the sector and its systems.

Developing security of supply

The cyber exercising in the financial sector is part of the long-term cooperation between Jamk and the National Emergency Supply Agency, which provides the participating organizations with concrete tools for developing their own processes and those shared by the sector. Jamk has previously modelled exercise environments also for other sectors critical to security of supply, and the cooperation continues.

“Training makes dealing with a crisis faster, smoother and more efficient. Additionally, the exchange of threat information between organizations will improve. During the exercise, we were able to test cooperation between organizations and authorities in the sector”, says Henri Heinonen, Aktia Bank’s Chief Information Security Officer and Chairman of the Financial ISAC Information Sharing Group, who participated in the exercise.

“The exercise sums up well our long-term cooperation with the National Emergency Supply Agency, which has contributed to increasing Finland’s security of supply. We will continue this cooperation also in the future”, says Tero Kokkonen, Director of Jamk’s Institute of Information Technology.

The financial sector exercise environment was modelled as part of the RGCE cyber exercise environment, which has been developed by JYVSECTEC (Jyväskylä Security Technology) research, development and training centre located at Jamk’s Institute of Information Technology. The development of the exercise platform for use by operators critical to security of supply is funded by the National Emergency Supply Agency’s Digital Security 2030 programme.

Inquiries

Tero Kokkonen, Director of Jamk’s Institute of Information Technology
etunimi.sukunimi@jamk.fi 
p. 050 4385 317

Marko Vatanen, Chief Technology Officer, JYVSECTEC
etunimi.sukunimi@jamk.fi
p. 040 5458 630

Tehi Palletvuori, Chief Preparedness Specialist, National Emergency Supply Agency
etunimi.sukunimi@nesa.fi
p. 029 505 1032

Slide

Adding resilience to digital business

Slide

JYVSECTEC – Jyväskylä Security Technology is an independent research, development, and training center in Finland. We operate as part of Jamk University of Applied Science's Institute of Information Technology.

LinkedIn logo
YouTube logo
GitHub logo

Jamk University of Applied Sciences, Institute of Information Technology
Piippukatu 2, 40100 Jyväskylä, Finland
jyvsectec@jamk.fi

JYVSECTEC – Jyväskylä Security Technology © 2025 Finland.