Front Page: NCSC-FI
Front Page: NCSC-FI
Menu

Candidates and political parties can utilise the instructions provided on this page for information and cyber secure election campaigning.

Preparing for elections requires persistent cooperation between several different operators. Thanks to cooperation between ministries, government agencies, municipalities and individual polling stations, the Finnish election system is both stable and secure.

The voting conducted with ballot papers cannot be easily interfered with by attacks on information systems. Similarly, the reliability of counting the votes by hand cannot be influenced by cyber attacks. That being said, political parties and individual candidates should also pay attention to their own information security during elections. This page provides tips on how to protect user accounts, prevent data breaches and identify information influence activities, among other things. The presented methods are also ideal for ensuring everyday information security.

Instructions related to information security and cyber security

Guide to protecting yourself against data breaches

A data breach refers to unauthorised access to an information system, service or device or unauthorised use of an application, such as an email account, by means of acquired access codes. Carrying out a data breach is a punishable offence as defined in the Criminal Code of Finland, as is an attempted data breach. Merely accessing a system without authorisation meets the definition of an offence, meaning that the target of the breach or the data it contains do not need to actually be used for anything.

Multi-factor authentication protects your user accounts

Multi-factor authentication means that your identity is confirmed using two or more authentication methods, or factors, when you sign into your social media accounts, for example. Using multi-factor authentication can prevent almost all account hijacking attempts. With multi-factor authentication, even if a criminal were to get a hold of your username and password, they cannot log in to your account without the additional authentication factor. Services that store personal or payment data should always be protected with multi-factor authentication.

Tips for ensuring the security of your mobile phone

Mobile phones have become an integral part of our everyday work and lives. They contain large amounts of sensitive information, the misuse of which could have a major impact on our privacy and security. Mobile phones are also an attractive target for criminals aiming to exploit the different functions of mobile devices. Every week, the NCSC-FI receives reports of incidents where mobile phones have been used for criminal purposes. Such incidents include scam and phishing messages.

Take control of your passwords – Who is using your account?

Who is using your account? It is no coincidence that when you log in to your online bank, the authentication process is more complex than when logging in to a discussion forum, for example. Important data and digital property should be protected as effectively as possible so as to prevent them from falling into the wrong hands. In this guide, we talk about secure online authentication practices and provide tips on how to manage your passwords.

Home network and router security

When working remotely, it is crucial to ensure the information security of your home network and router. Your modem or router is the gateway to your home network, which is why it is especially important to keep it secure. Your modem and router may be two separate devices, or you may have a single device that serves as both a modem and a router. In these instructions, we go over the basics of router security to help you protect your home network and personal data.

Other instructions related to the security of elections and election campaigning

Tips for identifying information influence activities

Over the course of a single day, we encounter an enormous number of different messages, with numerous operators employing various methods to vie for our attention. How, then, can you evaluate the reliability of the information provided in these messages? What should you pay attention to when reading a social media post and deciding whether to share it, for example? What are information influence activities?

Related news on the NCSC-FI’s website

Cooperation between the authorities ensures secure elections

The year 2024 is a major election year both in Finland and around the world. Preparing for the presidential election and the European elections entails long-term work by several different operators, from ministries and agencies all the way to the level of municipalities and individual polling stations. Although international tensions may cause concern among citizens, the Finnish election system is stable and secure.

What are deepfakes? How to recognise a deepfake

You have probably encountered the word “deepfake” a lot lately. To put it simply, artificial intelligence (AI) is used to combine sound, video, text or photos to create virtual copies of real-life people, for example. Deepfakes are a form of this technology, in which different media are combined to make an avatar say and do things that the real-life person has never said or done.

When every day could be April Fool's Day – What are deepfakes? (article in Finnish)

Useful links

REPORT AN INFORMATION SECURITY INCIDENT TO US

Individuals, businesses and organisations can report to the National Cyber Security Centre Finland (NCSC-FI) at the Finnish Transport and Communications Agency Traficom any actual or attempted information security incidents they are experiencing, such as phishing or denial-of-service attacks.

Based on the reports, the NCSC-FI investigates information security violations concerning network services, communications services and value-added services, gathers information on these events and disseminates information on security matters. In addition to raising general awareness about information security, we can also provide help in the technical investigation of severe information security violations.

Updated