Wednesday

11th Dec 2019

Focus

Estonia training Nato 'techies' for cyberwar

  • The military barracks hosting Nato's cyber training centre dates back to 1905 (Photo: Valentina Pop)

In an unassuming, renovated military barracks dating back to tsarist times, Nato's cyber defence centre (CCD COE) in Tallinn is training computer experts to secure networks from attacks.

"Don't expect any flashy screens with 3D animations," a training expert warned the visiting group of journalists. The room contained a handful of computers and a projector showing endless rows of code sequences.

Read and decide

Join EUobserver today

Support quality EU news

Get instant access to all articles — and 20 years of archives. 30-day free trial.

... or join as a group

The Nato training centre, set up in 2008, is host to some 30 experts from Germany, Estonia, Spain, Hungary, Italy, Latvia, Lithuania and Slovakia. It organises training seminars and simulations, and examines the legal aspects of cyber defence for military personnel in Nato countries and for defence contractors.

Speaking to EUobserver on the margins of a conference on cyber conflict organised by the centre last week, centre director General Ilmar Tamm said that he would ideally also like to have Nato decision-makers go through some of the trainings on offer.

"In that way they would have a better understanding even of what type of information they would need to know in order to assess the severity of an attack," he said.

He noted that a large denial-of-service attack putting down servers for days - something Estonia experienced in 2007 - may have less damaging consequences than a small, targeted virus able to change the chemical formula at a water clearing station or the speed of a nuclear-enriching centrifuge.

"You also have to evaluate when and how you would expect Nato to step in. The majority of risks in cyber are actually owned by the private sector, which is running the services. So Nato should at least improve information exchange so as to know faster what is going on. Then you can identify who is the best stakeholder to take action," he said.

Smartphones

Tamm identified the increased use of smartphones as one potential vulnerability. "As handheld devices are becoming more like personal computers, they are also becoming the subject of identity theft and the codes are more and more complex. So you will always have bugs in the code - the question is who will abuse it and what for."

Industrial and governmental spying is also on the rise. This is especially the case for attacks originating from China, which Tamm accuses of "collecting specific technology information and then using it for their own needs and benefits."

Over the weekend, the International Monetary Fund was the latest international organisation to admit to a large-scale attack on its servers. It is supposed to have takenn place a few months ago and used the email system to extract valuable information. China is suspected of being behind the attack. A cyber attack on the European Commission earlier this year also saw the finger pointed at China.

Lack of proper 'cyber hygiene' - using webmail for confidential exchanges and confusion over who is responsible for securing the network - often makes it easier for governments and international institutions to be hacked into, Tamm said.

"You need to have stronger agreements with service providers. There is a tendency that your data will be somewhere you don't even know it belongs. If you're based in the EU and go for an Amazon cloud, the servers may be in the US - so they would be subject to US legislation which you have to know if you want to take them to court," he explained.

His centre, for instance, has a webpage hosted by a private company. "But emails are run through separate servers. We have public emails and emails run through the Nato secret system, which can only be accessed from certain working stations. It's not very convenient, but that' the price you have to pay for security."

Detecting an attack is also not easy, especially for smaller companies. Christian Czosseck, a German military computer scientist working at the centre, says that for a medium-sized company, there are some 5 million events a day.

"But you need to filter out to some 100 what could be suspicious activities in order for a human to be able to look at them and find a sequence of 'wrong code'."

One of the trainings on offer from the CCD COE is "botnet infiltration" - learning how to 'take over' the command of a network of zombie computers scattered around the world used to attack governmental or private servers. This is the type of attack Estonia experienced five years ago, with Russia suspected of being behind it.

"Most botnets nowadays have an uninstall or disable functionality, so if you get your hand on a command and control server, you can issue the uninstall me command, which the bots will execute. Still, this has legal issues, because you are sending something without the consent of the owner of the network," Czosseck explained.

If in the US, a company such as Microsoft is able to go to court and get a legal backup for taking down a spamming network of zombie computers, in Europe "it all depends on the local law in every single nation," even though most countries have criminalised botnets.

In an attempt to streamline various provisions, EU justice ministers on Friday agreed to toughen penalties for cybercrimes, including new punishments for people who develop and supply malware or other tools for creating botnets or stealing passwords. Additionally, the illegal interception of computer data will become a criminal offence.

As for the countries behind such attacks, a recent study by the Chatham House floated some 36 states around the world which are developing cyber warfare capabilities.

Keir Giles from the UK-based Conflict Studies Research Centre said that the Russian military is developing so-called information troops capable of conducting "computer network operations" meaning penetration and sabotage of foreign systems, but also the whole spectrum of information warfare, including "systemic counter-propaganda".

And Major General Jonathan Shaw from the British ministry of defence said that despite overall budgetary cuts, the UK government approved an increase in the budget for cyberdefence.

"The war in Libya would also look different if we had the proper cyber capabilities," he pointed out during the conference.

As for the transatlantic view on cyber security, Eneken Tikk, a legal expert with the Tallinn centre said that both the EU and the US have a interest in "keeping the internet demilitarised, so that people can speak to each other freely."

"But there is a conflict in how to defend its functionality, with the US having a more military approach to cyber," she said.

Over-regulation?

The EU, meanwhile, "is in a phase where they deal with every aspect of cyber security, as opposed to the past when there was just the single market approach. There is a trend towards over-regulation, for instance on cybercrime issues," Tikk argued.

She also noted that by declaring IP addresses private information, the EU has created legal challenges for so-called Computer Emergency Response Teams (CERTs) in different EU countries to exchange information in case of an attack. "There is a solution - to make exemptions under the principle of national security, but some countries are slow in doing that."

Smartphones are 'data goldmines' for hackers

Smartphones allows us watch videos, listen to music, check emails, find the nearest restaurant, and update our 'status' on Twitter and Facebook, but with the increased technology comes new and largely under-appreciated security threats.

Opinion

Cyber security: public problem, private answers

New worms, malware, phishing techniques and predatory programmes are born every day. To fight this new intangible enemy, Europe must use its best suited troops: innovative SMEs, says Jonathan Zuck.

Europol wants to host EU cyber crime centre

The EU's joint policy body, Europol, is angling to host a new European cyber crime centre, with the European Commission due next year to decide where to put its new defence against online threats.

EU struggling to fight cyber crime

Faced with increasing cyber attacks, the EU is looking at a new law criminalising the use of 'zombie' computers and is setting up a 'cyber crime' agency and special teams of IT firefighters. But specialists and data privacy defenders remain unconvinced.

The EU and cyber security

Cloud computing, smartphones, viruses attacking nuclear plants. In the October Focus, the EUobserver turns its attention to cyber security and EU's attempts to set up rules for safer navigation on the internet.

News in Brief

  1. Hungary asked to apologise after council leak
  2. MEPs: Finnish budget proposal 'impossible to implement'
  3. EP committee supports 'Future of EU Conference'
  4. EU survey: climate change must be parliament's priority
  5. Zahradil resigns as rapporteur on EU-Vietnam trade deal
  6. Russia plans 'Arctic Air Defence" with S-400 missiles
  7. Belgium: King does another round of consultations
  8. Thousands protest Orban's theatre clampdown

Exclusive

Zahradil 'conflict of interest' over EU-Vietnam trade deal

Right-wing Czech MEP Jan Zahradil is leading European Parliament negotiations on a trade deal with Vietnam. As rapporteur, he is supposed to be neutral but has neglected to declare his involvement in a group with ties to the Communist party.

Investigation

Data watchdog raps EU asylum body for snooping

The European Asylum Support Office combed through social media to monitor refugee routes to Europe for three years. The agency sent weekly reports on its findings to member states, the EU Commission and institutions such as UNHCR and Interpol.

Stakeholders' Highlights

  1. Nordic Council of Ministers40 years of experience have proven its point: Sustainable financing actually works
  2. Nordic Council of MinistersNordic and Baltic ministers paving the way for 5G in the region
  3. Nordic Council of MinistersEarmarked paternity leave – an effective way to change norms
  4. Nordic Council of MinistersNordic Climate Action Weeks in December
  5. UNESDAUNESDA welcomes Nicholas Hodac as new Director General
  6. Nordic Council of MinistersBrussels welcomes Nordic culture

Latest News

  1. Hungary quizzed over EU rules amid twitter row
  2. Spanish King meets party leaders to break deadlock
  3. EU alarmed by prospects of battle for Tripoli
  4. EU must manage climate and industry together
  5. Does Malta's Labour Party now belong in S&D?
  6. Green Deal targets pit Left against Right in parliament
  7. Human rights abusers to face future EU blacklists
  8. Zahradil 'conflict of interest' probe may flounder

Stakeholders' Highlights

  1. UNESDAUNESDA appoints Nicholas Hodac as Director General
  2. UNESDASoft drinks industry co-signs Circular Plastics Alliance Declaration
  3. FEANIEngineers Europe Advisory Group: Building the engineers of the future
  4. Nordic Council of MinistersNew programme studies infectious diseases and antibiotic resistance
  5. UNESDAUNESDA reduces added sugars 11.9% between 2015-2017
  6. International Partnership for Human RightsEU-Uzbekistan Human Rights Dialogue: EU to raise key fundamental rights issues

Join EUobserver

Support quality EU news

Join us