Estonia Fears Cyber Attacks Will Rise Because Of War In Ukraine

Russia’s war on Ukraine is now being fought with bombs as well as bytes, causing European nations to engage with improving their cyber defence capabilities.

As cities in Ukraine come under attack from Russian forces, a digital offensive will often also be part of the invasion and this effect could increase under the threat of sanctions from the West.

One country they can learn a lot from is Estonia. The nation, which shares a border with Russia, was one of the first to come under attack from this modern form of hybrid warfare 15 years ago.

Since then, this small nation that has a population of 1.3 million people has built its cyber defence infrastructure and ranks third-best in the world behind the United States and Saudi Arabia, according to the Global Cybersecurity Index (GCI).

Estonia has been occupied twice throughout its history. The last time was by the Soviet Union, from 1940 until 1991. Since then, the country put in all the protections to ensure this could not happen again. “There was this short opportunity window when Russia was going in, I assume, by our estimates, the right direction. And then we used this opportunity window to join all the possible clubs that we could, which is NATO, which is the European Union,” Estonia’s Prime Minister Kaja Kallas said at a press gathering. “And then actually, we had people asking us, why do you need this? Because Russia doesn't pose a threat anymore. And we said, ‘we know our neighbour’”.

On 24 February, as Russian troops entered Ukraine, a cyber attack disrupted communication networks in Donbas. These attacks affected not only physical but especially space infrastructure. Cyber activity knocked out communication satellites from Viasat, an American firm providing space-based broadband services across Europe.

Consequently, the attacks affected Ukraine and other European customers that rely on the firm’s services. This invasion of Ukraine by Russia has brought back painful memories in Estonia. “Being in the geographical location where we are, you have two choices: Either to be with the West, to be with Europe or to be with Russia,” Kallas said.

Other countries that have recently followed Estonia’s path and are bidding to join NATO are Sweden and Finland. Asked how Russia could react, Kallas responded: “We are probably going to see cyber attacks. We're going to see some showing of power. But I think that's about it”. Kallas did not appear too worried about more possible cyberattacks. Perhaps because Estonia already learned the lessons of how to respond to them in the past.

The story begins in 2007 and comes down to a statue and fake news. The Bronze Soldier was unveiled by the Soviet authorities in 1947 and back then was called the “Monument to the liberators of Tallinn” and sat in the capital. Russian speakers in Estonia believe the monument represents the USSR’s victory over Nazism but for many ethnic Estonians, the Soviet soldiers were occupiers rather than liberators, and the statue is a reminder of that. In 2007, the Estonian government moved the Bronze Soldier from Tallinn to the outskirts of the city to a military cemetery. 

Protests were then triggered by false claims by Russian media that the statue and Soviet war graves were being destroyed by Estonia’s government. A day later, Estonia was hit by cyber attacks, which lasted weeks and knocked  out Estonian banks, government bodies and the media.

Exactly who was behind the attacks is unknown. The cyber attacks came from Russian IP addresses and the government has always denied any involvement.

“It has been called by many experts Web War one and at the time what the effect that had was that we really realised the vulnerability of the digital society and the digital infrastructure that we were building,” Luukas Ilves, Chief Information Officer for Estonia’s Government told Euronews. “It made us aware, maybe some years before the rest of the world, of the risks around cyber attack and cyber insecurity”.

Estonia is one of the leading digital nations and a large part of how the public interacts with the government is done digitally, from voting and paying taxes to setting up companies and verifying identity. The backbone of this digital society is X-Road, a software solution which acts like a distributed government information system and binds together different databases and different organisations. “If something happens to one part of the system, there is another part of the system that takes over, that everything is backed up into various locations, that you don't have a single point of failure,” Oliver Väärtnõu, CEO of Cybernetica, the company which developed X-Road, told Euronews.

When the same question was put to Estonia’s Prime Minister, she replied: “What I can tell you, because this is a very difficult position. I hear things in the secret rooms that I can't talk about. I would say that we don’t talk about things publicly but going to [cyber] offensive brings about different risks that you don’t put back in a bottle.. I can't say we don't and I can't say we do but I would answer that if we do, we are not talking about this,” she added when pushed on the topic.

While governments remain tight-lipped on the issue of cyber offence development, it appears to be an open secret and in Ukraine’s case a necessity.

“I think there is no real secret anymore that governments develop their offensive (cyber) capabilities. And partly why Ukraine has been successful is that they have created this cyber army that is putting on so-called active defence, which is an offensive defence to put it in other words,” said Väärtnõu.

Estonia’s government sees the development of cyber security as a constant investment and says it is always looking at ways to improve and build more complicated systems. The country also believes it can learn a lot from the war in Ukraine and should keep a close eye on Russian cyber activities.

Euronews:        Euronews:       NPR:       EPC:      Yahoo:    BizCrast

You Might Also Read: 

NATO Will Retaliate:

 

« An Airline Brought To A Standstill By Ransomware
Ransomware’s Serious Effects On Cyber Security »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Montash

Montash

Montash is an award winning, global technology recruitment business, specialising in the acquisitions of high-performing talent across a number of core disciplines including Information Security.

Gurucul

Gurucul

Gurucul predictive security analytics protects against insider threats, account compromise and data exfiltration on-premises and in the cloud.

Fraunhofer Institute for Secure Information Technology (SIT)

Fraunhofer Institute for Secure Information Technology (SIT)

Fraunhofer SIT is a research centre specialising in all areas of IT security.

Cybertekpro

Cybertekpro

Cybertekpro is a specialist insurance broker providing Cyber Liability insurance and cyber risk assessment services.

Secarma

Secarma

Secarma provides penetration testing, security assessments, consultancy, and training services to ensure your digital infrastructure is secure from cybersecurity threats.

TrainACE

TrainACE

TrainACE, is a professional computer training school offering courses in information technology with a focus on Advanced Security training.

Agio

Agio

Agio is a hybrid managed IT and cybersecurity provider servicing the financial services, health care and payments industries.

Soteria

Soteria

Soteria is a global leader in the development, integration and implementation of advanced cyber security, intelligence and IT solutions, delivering complete end-to-end solutions.

BlackFog

BlackFog

BlackFog is a leader in device data privacy, data security and ransomware prevention. Our behavioral analysis and anti data exfiltration technology stops hackers before they even get started.

Tonex

Tonex

Tonex providing industry-leading technology training, courses, seminars, workshops, and consulting services to companies and government organizations around the world.

Softwerx

Softwerx

Softwerx is the UK’s leading Microsoft cloud security practice. We’ve been helping forward-thinking companies better secure their businesses for nearly twenty years.

CXI Solutions

CXI Solutions

CXI Solutions: Your trusted partner in cybersecurity. We offer a full range of cybersecurity solutions to protect your business from digital attacks and virtual threats.

Hushmesh

Hushmesh

Hushmesh is a start-up aimed at securing the world’s digital infrastructure by developing develop the Mesh, a global information space with automated security built in.

SecurEnvoy

SecurEnvoy

SecurEnvoy are a leader in designing zero access trust solutions using the latest cutting-edge technologies, to protect your users, devices and data, whatever the location.

NoviFlow

NoviFlow

NoviFlow is a leading provider of terabit networking software solutions for Communication Service Providers (CSPs).

Relyance AI

Relyance AI

Relyance AI - One unified platform for privacy, security, & governance.