The Cyber Threat Against Denmark

Europe and the rest of the world are facing a new security reality as a result of Russia’s invasion of Ukraine. The war could drag on for years and will shape relations between Russia and the West, including Denmark. It is against this backdrop that we need to understand the current threat landscape – including in the digital domain.

The threat landscape is constantly evolving, and while most cyber attacks are not linked to the situation in Ukraine, it is through this lens that many people now understand the world.

Threat assessments prepared by the CFCS are divided into categories addressing different types of cyber attacks, including cyber espionage, cyber crime, cyber activism, destructive cyber attacks and cyber terrorism.

The threat of cyber espionage against Denmark is VERY HIGH. While matters of security and foreign politics, such as the Arctic, NATO and the EU, are of particular interest to cyber espionage threat actors, critical infrastructure is also a target of espionage.

Cyber espionage undermines Danish political, economic and security interests. It is likely that foreign states use cyber espionage in preparation for destructive cyber attacks.

The threat of cyber crime against Denmark remains VERY HIGH. Well-organized ransomware groups target all levels of society.

The CFCS assesses that the majority of cyber criminals are financially motivated, opportunistic and independently operating non-state actors.

The threat of cyber activism against Denmark is HIGH, making it likely that Danish private companies and public authorities will fall victim to cyber activist attacks in the short term. Pro-Russian cyber activists are very active against NATO countries, including against Denmark, and they have developed a formalized attack method and bolstered their capabilities.

The threat of destructive cyber attacks is LOW. It is less likely that foreign states currently harbour intentions to conduct destructive cyber attacks against Denmark. However, the CFCS assesses that hacker groups affiliated with foreign states are preparing themselves to be able to conduct destructive cyber attacks at short notice.

Danish organizations that are active in Ukraine or delivering products or services related to the war in Ukraine could be more at risk of falling victim to a destructive cyber attack or becoming collateral victims of destructive cyber attacks targeting Ukraine.