Professor Kimmo Halunen of 6G Flagship speaking at the Faktabaari information resilience panel in Oulu, alongside experts from WithSecure and the City of Oulu.

When the information environment becomes the attack surface

On Friday, the Oulu City Library filled with an unusual mix: fact-checkers, cybersecurity professionals, city officials, and a fair number of regular citizens. The occasion was Faktabaari’s Fakta kiertue (Fact Tour) event series stopping in Oulu as part of a national programme to strengthen information resilience at the local level.

For Kimmo Halunen, Professor of Cybersecurity at the University of Oulu and the National Defence University, the event touched on territory that sits squarely in his research: the increasingly blurred boundary between cybersecurity and information operations.

“These themes are very current in my own work,” he said during the panel discussion. “There’s the technical side, of course, but a large part of what we do [at the University of Oulu] is also about teaching students to identify reliable sources and to think critically about the information they encounter. In cybersecurity terms, information integrity is not separate from technical security; the two are fundamentally linked.”

Joonas Pörsti (Faktabaari) explains how modern information operations increasingly share the same digital techniques, regardless of their origin.

This observation resonated throughout the day’s presentations. Joonas Pörsti, Faktabaari’s editor responsible for international politics, laid out a landscape that has grown considerably more complicated in recent years. Russian information operations targeting European publics are well documented, and Finland has experienced their effects directly. What is newer, and more disorienting for many Europeans, is that some of the same methods — bot networks, AI-generated deepfakes, algorithmically amplified narratives — are now being deployed by actors that were until recently considered allies.

The tools, as Halunen’s research area reflects, are not ideologically neutral. They are techniques, and techniques transfer.

Pilvi Tunturi, Chief Customer Officer at cybersecurity company WithSecure, made the convergence explicit: information influence operations and cyberattacks share the same channels, the same tools, and the same fundamental vulnerability. The human being. Phishing works because it exploits trust and urgency. So does a well-timed deepfake of a politician, circulated days before an election. The difference is one of objective rather than method.

The AI dimension is sharpening this convergence considerably. Generating convincing Finnish-language disinformation used to require a native speaker and real editorial effort. It no longer does. The cost of producing targeted influence content in small languages has dropped to the point where Joonas Pörsti put the price of a basic social media influence package at a few cents to fifteen euros. Meanwhile, the hallucination rates of commercial AI tools — measured across major platforms in a recent EBU study on news integrity in AI assistants discussed at the event — remain high enough that AI assistants routinely produce confident, incorrect answers. Large language models have also been shown to incorporate content from Russian disinformation networks into their training data. This means that asking an AI assistant about a contested geopolitical topic can, in some cases, reproduce the disinformation rather than correct it.

This is the environment that Halunen’s work on AI vulnerabilities addresses directly. His research, including a 2024 paper co-authored with Lauri Tuovinen examining what it actually means for an AI system to be vulnerable, argues that AI security and AI ethics are not separate conversations. A system that can be manipulated through adversarial inputs, or that propagates false information confidently, has both a security problem and an ethical one. The two cannot be designed around independently.

Harto Pönkä (Faktabaari) presents his technical investigation into the NETRACK network, a collection of over 1,300 Finnish domains used for data harvesting and disinformation.

A critical takeaway from the Oulu event was the “small-language problem”—the fact that automated security and moderation tools are rarely optimised for languages like Finnish. Because these systems struggle with regional dialects and linguistic nuances, they create vulnerabilities that are easily exploited. For researchers in the 6G era, this highlights that technical resilience must be linguistically inclusive to be truly effective. Harto Pönkä, who chaired the session and leads the civic association that runs Faktabaari, noted that a network of over 1,300 hijacked Finnish-domain websites, traced back through a Moscow-registered analytics service, had been identified circulating data-harvesting content via Google’s news recommendation algorithm. The operation was low-profile precisely because it was small-scale and linguistically specific.

Faktabaari’s own response to this landscape runs from research partnerships with Nordic fact-checking organisations to direct media literacy education. The Oulu visit included a workshop for a hundred students in practical verification skills — reverse image search, geolocation of video footage, how to identify AI-generated content. The organisation also publishes open guides on digital information literacy, translated into multiple languages.

Whether technical defences or human skills matter more is, the panellists agreed, the wrong question. “Technology can offer solutions in some areas,” Halunen noted, “but it won’t fix every information problem on its own. We need society, community, individuals, and regulation working together. It’s a large problem.” The remark echoes his earlier writing for 6G Flagship, where he has argued that security for disruptive technologies needs to be designed in from the start, not retrofitted once systems are already deployed at scale.

Finland goes to municipal elections in spring 2027, a milestone that Harriet Urponen, the Communications Director for the City of Oulu, used to ground the technical discussion. She warned of a speed gap where public institutions follow deliberate processes to ensure accuracy while AI-driven disinformation moves at the near-instantaneous speed of social media. The event left open the critical question of whether our democratic institutions can move as fast as the tools being used to undermine them.