Feature

Sweden’s Nato accession: a cyberattack-filled saga

Turkey and Hungary’s objections were far from Sweden’s only obstacle in joining Nato, cybersecurity experts say. Alex Blair reports.

Swedish flag-raising ceremony at the Nato Headquarters on 11 March. Credit: Dursun Aydemir / Getty Images

Sweden’s accession to the Nato alliance was far from a smooth process. While the objections of Turkey and Hungary stole headlines as the main obstacle, there was also massive disruption caused by a deluge of cyberattacks on Sweden as knowledge of the pending Nato membership became public. 

Sweden turned into a prime target for distributed denial-of-service (DDoS) attacks after it formally applied to join Nato in May 2022, according to a report published 2 May 2024, by cybersecurity experts NETSCOUT. 

“When Sweden’s Foreign Minister hinted at Hungary’s approval of their bid to join Nato on February 14, the onslaught began, with attack volume increasing to 636 on February 15”, the report states. “This signalled a spike in unseen tensions and retaliation from several politically motivated hacker groups. In fact, Russian hackers disrupted government operations in Sweden via ransomware attacks.” 

DDoS attacks on Sweden have ramped up considerably from late 2023 into 2024. The peak on 15 February represented a 315% increase compared to the same date in 2023.

Why did Sweden join Nato?

Cyberattacks by pro-Kremlin groups are emblematic of the pressure Sweden felt to shelter under Nato’s Article 5 mutual defence guarantee. 

Stockholm’s ambitions to join Nato date back to 1994, when Sweden had just joined the Partnership for Peace, a Nato program for 19 core and fringe members across Europe. 

What pushed Sweden and its Nordic neighbour Finland over the edge was, of course, Russia’s invasion of Ukraine in February 2022.

Unlike Finland, Sweden does not share a border with Russia. Many Swedes wanted to maintain the country’s traditional military neutrality, but a growing feeling of endangerment prompted Swedish diplomats’ calls for Nato accession to grow stronger.

Swedish Prime Minister Ulf Kristersson pronounced it a “historic day” when Sweden became a full Nato member on 7 March.

Will Nato membership bolster Sweden’s cybersecurity?

Whether or not joining Nato will strengthen Sweden’s cyber defences remains unclear, according to Richard Hummel, threat intelligence lead at NETSCOUT. 

“It is much too early to tell how this move and joining Nato will impact [Sweden’s] cybersecurity space”, Hummel tells Army Technology. “Regardless of what political camp, world power, or partnership one joins, the act of securing networks and assets is a difficult and arduous process that often takes time to implement properly.” 

Even though many of the same pro-Kremlin cybergangs are involved – NoName057, Anonymous Sudan, Russian Cyber Army Team, Killnet – the volume of cyberattacks on Sweden go beyond those inflicted on other Nato members. 

Poland, for instance, suffered a drastic surge in cyberattacks following the election of pro-EU Prime Minister Donald Tusk in December. 

Sweden has also been targeted with an unprecedentedly wide range of attacks, from government agencies to online shopping services

“Sweden is already quite good at handling DDoS attacks as they’ve been pummelled for years with only minor impacts from time to time,” Hummel adds. “It stands to reason they will continue to remain steadfast in their determination to ensure networks and the internet remain easily and readily accessible throughout the country.” 

Why did Turkey and Hungary initially block Sweden from Nato?

Turkey and Hungary, Nato’s most pro-Russia members, both repeatedly opposed Sweden’s accession. 

Turkish President Recep Tayyip Erdoğan pointed to the activities of the PKK, a Kurdish militant group in Sweden, as well as restrictions on arms exports to Ankara. 

Erdogan eventually dropped his objections last July after months of accession hardball – but not before securing significant economic, military and diplomatic gains. 

Hungary continued to drag its feet. While Prime Minister Viktor Orbán never provided any specific justification, most pointed to Hungarian politicians’ continued friendliness with their Russian counterparts. 

Orbán eventually U-turned in February, sweetened by a new military deal for Sweden to sell Hungary four more Gripen jets to add to its current stockpile of 14. 

The benefits of Sweden’s Nato accession are mutual. Stockholm receives greater protection. Its military shortcomings were exposed in 2013 when Russian bomber plans were able to simulate an attack on Stockholm and Sweden needed Nato to help repel them. 

On the flipside, adding Sweden to its ranks offers Nato the geopolitically strategic island of Gotland, a key hub for deploying troops in a conflict. 

Nato also benefits from increased firepower. Stockholm is the world’s 13th-largest arms exporter, with a growing defence industry comprising more than 200 manufacturers. 

Attention in Stockholm now turns to the Nato-derived possibility of greater access to the world-leading cybersecurity systems of the US, the Netherlands or France. 

Go to article: Home | Cybersecurity in the age of AIGo to article: ContentsGo to article: BriefingGo to article: Foreword: Cybersecurity in the age of AI Go to article: Navigating the AI-driven cybersecurity landscapeGo to article: Key trends impacting cybersecurity Go to article: Timeline: a history of cybersecurity Go to article: Explainer: The most common types of cyberattacks Go to article: AI attacks now ‘the main cybersecurity concern’ for businesses across sectors Go to article: The state of cybersecurity: AI and geopolitics mean a bigger threat than ever Go to article: Companies’ own AI applications are ‘a huge cybersecurity problem’ Go to article: Regulators must protect the cybersecurity market from a private equity takeover Go to article: HealthcareGo to article: The impact of cybersecurity on healthcareGo to article: Case studies: cybersecurity in healthcare Go to article: Leading cybersecurity adopters and providers in healthcareGo to article: How healthcare cybercrime is predicted to escalate Go to article: Healthcare cybersecurity risk ‘higher than ever’ due to pandemicGo to article: Industry takes: Keeping healthcare businesses cybersecure Go to article: Rubrik’s Richard Cassidy on cyberattacks and resilience in healthcare organisationsGo to article: Cyberattacks on healthcare: Russia’s tool for mass disruption Go to article: Traceability technologies tighten supply chain fakery Go to article: Could brain-computer interfaces be hacked? Go to article: Deal activity related to cybersecurity in the pharma industry since 2021 Go to article: Deal activity related to cybersecurity in the medical industry since 2021 Go to article: EnergyGo to article: The impact of cybersecurity on the energy sector Go to article: Case studies: cybersecurity in energy Go to article: Leading cybersecurity adopters and providers in power Go to article: Cyberattacks on critical energy infrastructure ‘have increased dramatically’ Go to article: Report: Nuclear industry faces acute cybersecurity threats Go to article: The energy transition means increased attack surfaces for hackers Go to article: Deal activity related to cybersecurity in the power industry since 2021  Go to article: Cyber threat to oil and gas driven by geopolitics, extortion Go to article: How has cybersecurity changed since the Aramco hacks? Go to article: Deal activity related to cybersecurity in the oil and gas industry since 2021  Go to article: MiningGo to article: The impact of cybersecurity on miningGo to article: Case studies: cybersecurity in miningGo to article: Leading cybersecurity adopters and vendors in miningGo to article: Proactive approach to cybersecurity key for minesGo to article: ‘Operational disruption’ the main cybersecurity threat in miningGo to article: Why the mining sector should prioritise investment in cybersecurityGo to article: Will the Northern Sea Route become commercially viable in the near future?Go to article: Deal activity related to cybersecurity in the mining industry since 2021Go to article: DefenceGo to article: The impact of cybersecurity on defence Go to article: Case studies: cybersecurity in defence Go to article: Leading cybersecurity adopters and providers in defence Go to article: Latest news: Ukraine war dominant in cyber operationsGo to article: Sweden’s Nato accession: a cyberattack-filled saga Go to article: Germany recalls ambassador to Russia over cyberattacks Go to article: Why have cyberattacks in Poland spiked since Donald Tusk’s election? Go to article: How did China hack the UK Ministry of Defence? Go to article: Will IoT in defence continue to grow amid cybersecurity concerns? Go to article: AI Innovations wants to use semi-autonomous drones to save lives in Ukraine Go to article: Deal activity related to cybersecurity in the aerospace & defence industry since 2021  Go to article: Consumer GoodsGo to article: The impact of cybersecurity on the consumer goods sector Go to article: Case studies: cybersecurity in the consumer sector Go to article: Leading cybersecurity adopters and providers in consumer goodsGo to article: Latest news: Cybersecurity in packagingGo to article: Cybersecurity rising concern for packaging firms as digitalisation raises threat Go to article: Packaging companies must protect production lines from cyberattacks –analyst Go to article: Cybersecurity boost: Packaging learns from recent IT outages Go to article: Deal activity related to cybersecurity in the packaging industry since 2021  Go to article: Latest news: Cybersecurity in drinks Go to article: Drinks industry faces cybersecurity challenges from smart manufacturing Go to article: Brown-Forman chief talks cybersecurityGo to article: Modern supply chains open up cyber weak spotsGo to article: BankingGo to article: The impact of cybersecurity in banking and payments Go to article: Case studies: cybersecurity in banking Go to article: Leading cybersecurity adopters and providers in banking & payments Go to article: Latest news: cybersecurity in bankingGo to article: AI needed to tackle AI fraud – cybersecurity expert Go to article: What are the main cybersecurity trends of 2024? Go to article: What does the Economic Crime Act mean for foreign investors to the UK? Go to article: Regulators make crypto more attractive to institutions – NYU professor Go to article: Finance firms and ex-spies: strange bedfellows in a war-torn world Go to article: Monzo adds friction to fight fraud—but the features may not be popular with customers Go to article: Looking to stop payment fraud? Modernise your approach to bank validation Go to article: Governments must intervene on anti-fraud funding for real-time payments Go to article: Knowledge sharing puts finance sector among best for cybersecurity Go to article: Deal activity related to cybersecurity in the retail banking industry since 2021  Go to article: Sponsorship opportunitiesGo to article: GlobalData Thematic IntelligenceGo to article: Next issue