According to the Government´s Defence Report published in Finland in 2024 and the Government report on changes in the security environment published in 2022, the modern military threat and war manifest themselves in a multifaceted and multidimensional manner. The publications define the concept of broad-based influencing, which includes the often-used term “hybrid influencing”, but the threat scenario of broad-based influencing includes the use of military force playing a significant role.

Since the annexation of Crimea and multi-level hybrid attacks on multiple countries, it is evident that Russia is trying to harm democratic countries and promote its own power aspirations through information influence. A report published by the European Union’s External Action Service in 2025 describes what Russia, often together with China, is doing in this field around the world. The term Foreign Information Manipulation and Interference (FIM) is used in the report to refer to the deliberate and coordinated information influence by foreign actors. As a result of recent developments in the United States, deliberate and coordinated information influencing has increased and is now also coming from the West, rather than just Russia or China.

The war in Ukraine has caused increased tensions, and with it, many means of information manipulation or interference have been seen in the Baltic Sea region. Both digital and physical means have been used to target the infrastructure of Western countries supporting Ukraine. In most cases, it has been very difficult or impossible to identify the actors behind the operations.

In the Defence Forces, the threat model of large-scale influence is used to describe a situation in which a state actor pursues its objectives by creating favourable conditions for itself and promoting its own goals by combining various indirect and direct means. Broad-based influencing is characterised by long-term and covert activities that aim to achieve objectives with indirect effects. This capability is built over a long period of time, exploiting the vulnerabilities of society starting from normal conditions. There is not necessarily a clear distinction between competition between states and conflict. It is a series of events that are difficult to identify and relate to each other. This makes it difficult to link the events to a state actor and to declare a state of emergency.

In wide-ranging influencing, a state actor may seek to cause uncertainty in the target country and among its citizens – and, at worst, even affect the sovereignty or independence of the target state. The tools employed in wide-ranging influencing may also include military pressure and threats to use military force. Military pressure consumes the resources not only of the defence system, but also of society. Long-term pressure has spill-over effects on the target country’s internal security, international position, resilience to mental crises, the country’s will to defend itself and its political leadership. Military force can be used systematically, or the situation can escalate unintentionally. The path to a possible military conflict can occur either quickly or as the result of long-term provocation.

The influencing process is always tailored for the distinctive characteristics of the target country and the estimated weaknesses. Therefore, no direct conclusions can necessarily be drawn from the influencing activities employed against other countries when assessing the threat against Finland. However, the war in Ukraine and the related events have highlighted the need to address and thoroughly understand the phenomenon of wide-ranging influencing.

Finland’s Cyber Security Strategy has been revised in 2024 to reflect the changed operating environment, and its target outlook extends to 2035. The revision takes into account the requirements of the Cyber Security Directive (NIS2) and other key strategies and reports. Information defence, which is included in the Government Programme, forms part of the strategic communications model and the Government Defence Report. The strategy sets out strategic objectives under four pillars, along with shared development measures that apply across them.

According to the strategy, cyber security is part of Finland’s comprehensive security and digitalising society. Cyber security contributes to ensuring national security, national defence, security of supply, businesses and civil society. The change in the geopolitical situation has further emphasised the importance of national and international cooperation in ensuring cyber security. There is an increased need for cooperation between the authorities and the business community, for supporting society’s resilience to crises and for responding to hostile activities. The operating environment is strongly shaped by the acceleration of digitalisation, the development of new technologies and global competition, the growth of interdependence and other megatrends affecting the future, such as climate change and demographic change. The functioning of society’s basic structures and services, such as information and communication networks and their infrastructure, is considered necessary under circumstances.

In general, cyber security refers to measures taken to protect communication and information systems, other electronic systems, and the information stored, processed, transmitted, and their users from cyber threats. Traditionally, cyber security has been approached from a more technical perspective rather than an issue of national security. National cyber security refers to the measures by which the digital society can prepare, identify, prevent, and withstand disruptions in electronic and networked systems, as well as to manage their effects on the vital functions of society and recover from them. It also involves ensuring the operating conditions for national security, national defence, and security of supply. The reform of the Cyber Security Strategy has also been required by the EU Cyber Security Directive and the Cyber Security Act (124/2025) based on it.

Finland’s renewed Cyber Security Strategy is the third of its kind and continues to promote the ecosystem-based approach to cyber security that was introduced in the development programme created under the previous strategy.

Another feature of hybrid warfare is the strategic use of means of influence, both vertically and horizontally. The means of influence are targeted at the vulnerabilities of another state and they are utilised. With the asymmetric use of several different means, the operation escalates both horizontally and vertically. Several tools (horizontal escalation) are used to achieve a greater compound effect. Escalation in the use of a single tool (vertical) enhances the effects when necessary. The means are used to achieve certain goals and may also change as the campaign progresses.

National and multinational government organisations:

The European Centre of Excellence for Countering Hybrid Threats (Hybrid CoE):
https://www.hybridcoe.fi/

• An independent, web-based international organization that has been operating in Helsinki since 2017. Hybrid CoE improves the capabilities of the 33 participating states to counter hybrid threats in close cooperation with the EU and NATO. The Centre focuses on different aspects of hybrid threats – ranging from soft means to military means.

European Union Institute for Strategic Studies (EUISS):
https://www.iss.europa.eu/)

• The EU Agency for Foreign, Security and Defence Policy Analysis in Paris. Its core task is to assist the EU and the Member States in implementing the Common Foreign and Security Policy (CFSP), including the Common Security and Defence Policy (CSDP). EUISS was set up in 2002 to strengthen the EU External Action Service´s capacity to analyse, foresee and network external action. It also acts as an interface between the EU institutions and external experts, including security actors, with the goal of developing EU strategic thinking.

The State Security Department of Lithuania:
https://www.vsd.lt/en/threats/threats-national-security-lithuania/

• The Second Department of Operational Services under the Ministry of State Security, the Intelligence Services and the Ministry of Defence of Lithuania. It publishes every year a joint public assessment of threats to national security.

US Cybersecurity and Infrastructure Security Agency (CISA):
https://us-cert.cisa.gov/

• The United States’ Agency for Cybersecurity and Infrastructure Security. CISA is responsible for Federal Cyber security. Its mission is to guide national efforts aimed at understanding, managing and mitigating risks to U.S. cyber and physical infrastructure.

https://www.eeas.europa.eu/eeas/3rd-eeas-report-foreign-information-manipulation-and-interference-threats-0_en

• The 2025 report on information influencing published by the European Union’s External Action Service describes what Russia, increasingly together with China, is doing in this field globally. The term Foreign Information Manipulation and Interference (FIMI), used in the report, refers to the deliberate and coordinated information influence by foreign actors.