Thursday

1st Oct 2020

Estonia training Nato 'techies' for cyberwar

  • The military barracks hosting Nato's cyber training centre dates back to 1905 (Photo: Valentina Pop)

In an unassuming, renovated military barracks dating back to tsarist times, Nato's cyber defence centre (CCD COE) in Tallinn is training computer experts to secure networks from attacks.

"Don't expect any flashy screens with 3D animations," a training expert warned the visiting group of journalists. The room contained a handful of computers and a projector showing endless rows of code sequences.

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

The Nato training centre, set up in 2008, is host to some 30 experts from Germany, Estonia, Spain, Hungary, Italy, Latvia, Lithuania and Slovakia. It organises training seminars and simulations, and examines the legal aspects of cyber defence for military personnel in Nato countries and for defence contractors.

Speaking to EUobserver on the margins of a conference on cyber conflict organised by the centre last week, centre director General Ilmar Tamm said that he would ideally also like to have Nato decision-makers go through some of the trainings on offer.

"In that way they would have a better understanding even of what type of information they would need to know in order to assess the severity of an attack," he said.

He noted that a large denial-of-service attack putting down servers for days - something Estonia experienced in 2007 - may have less damaging consequences than a small, targeted virus able to change the chemical formula at a water clearing station or the speed of a nuclear-enriching centrifuge.

"You also have to evaluate when and how you would expect Nato to step in. The majority of risks in cyber are actually owned by the private sector, which is running the services. So Nato should at least improve information exchange so as to know faster what is going on. Then you can identify who is the best stakeholder to take action," he said.

Smartphones

Tamm identified the increased use of smartphones as one potential vulnerability. "As handheld devices are becoming more like personal computers, they are also becoming the subject of identity theft and the codes are more and more complex. So you will always have bugs in the code - the question is who will abuse it and what for."

Industrial and governmental spying is also on the rise. This is especially the case for attacks originating from China, which Tamm accuses of "collecting specific technology information and then using it for their own needs and benefits."

Over the weekend, the International Monetary Fund was the latest international organisation to admit to a large-scale attack on its servers. It is supposed to have takenn place a few months ago and used the email system to extract valuable information. China is suspected of being behind the attack. A cyber attack on the European Commission earlier this year also saw the finger pointed at China.

Lack of proper 'cyber hygiene' - using webmail for confidential exchanges and confusion over who is responsible for securing the network - often makes it easier for governments and international institutions to be hacked into, Tamm said.

"You need to have stronger agreements with service providers. There is a tendency that your data will be somewhere you don't even know it belongs. If you're based in the EU and go for an Amazon cloud, the servers may be in the US - so they would be subject to US legislation which you have to know if you want to take them to court," he explained.

His centre, for instance, has a webpage hosted by a private company. "But emails are run through separate servers. We have public emails and emails run through the Nato secret system, which can only be accessed from certain working stations. It's not very convenient, but that' the price you have to pay for security."

Detecting an attack is also not easy, especially for smaller companies. Christian Czosseck, a German military computer scientist working at the centre, says that for a medium-sized company, there are some 5 million events a day.

"But you need to filter out to some 100 what could be suspicious activities in order for a human to be able to look at them and find a sequence of 'wrong code'."

One of the trainings on offer from the CCD COE is "botnet infiltration" - learning how to 'take over' the command of a network of zombie computers scattered around the world used to attack governmental or private servers. This is the type of attack Estonia experienced five years ago, with Russia suspected of being behind it.

"Most botnets nowadays have an uninstall or disable functionality, so if you get your hand on a command and control server, you can issue the uninstall me command, which the bots will execute. Still, this has legal issues, because you are sending something without the consent of the owner of the network," Czosseck explained.

If in the US, a company such as Microsoft is able to go to court and get a legal backup for taking down a spamming network of zombie computers, in Europe "it all depends on the local law in every single nation," even though most countries have criminalised botnets.

In an attempt to streamline various provisions, EU justice ministers on Friday agreed to toughen penalties for cybercrimes, including new punishments for people who develop and supply malware or other tools for creating botnets or stealing passwords. Additionally, the illegal interception of computer data will become a criminal offence.

As for the countries behind such attacks, a recent study by the Chatham House floated some 36 states around the world which are developing cyber warfare capabilities.

Keir Giles from the UK-based Conflict Studies Research Centre said that the Russian military is developing so-called information troops capable of conducting "computer network operations" meaning penetration and sabotage of foreign systems, but also the whole spectrum of information warfare, including "systemic counter-propaganda".

And Major General Jonathan Shaw from the British ministry of defence said that despite overall budgetary cuts, the UK government approved an increase in the budget for cyberdefence.

"The war in Libya would also look different if we had the proper cyber capabilities," he pointed out during the conference.

As for the transatlantic view on cyber security, Eneken Tikk, a legal expert with the Tallinn centre said that both the EU and the US have a interest in "keeping the internet demilitarised, so that people can speak to each other freely."

"But there is a conflict in how to defend its functionality, with the US having a more military approach to cyber," she said.

Over-regulation?

The EU, meanwhile, "is in a phase where they deal with every aspect of cyber security, as opposed to the past when there was just the single market approach. There is a trend towards over-regulation, for instance on cybercrime issues," Tikk argued.

She also noted that by declaring IP addresses private information, the EU has created legal challenges for so-called Computer Emergency Response Teams (CERTs) in different EU countries to exchange information in case of an attack. "There is a solution - to make exemptions under the principle of national security, but some countries are slow in doing that."

Smartphones are 'data goldmines' for hackers

Smartphones allows us watch videos, listen to music, check emails, find the nearest restaurant, and update our 'status' on Twitter and Facebook, but with the increased technology comes new and largely under-appreciated security threats.

Opinion

Cyber security: public problem, private answers

New worms, malware, phishing techniques and predatory programmes are born every day. To fight this new intangible enemy, Europe must use its best suited troops: innovative SMEs, says Jonathan Zuck.

Europol wants to host EU cyber crime centre

The EU's joint policy body, Europol, is angling to host a new European cyber crime centre, with the European Commission due next year to decide where to put its new defence against online threats.

EU struggling to fight cyber crime

Faced with increasing cyber attacks, the EU is looking at a new law criminalising the use of 'zombie' computers and is setting up a 'cyber crime' agency and special teams of IT firefighters. But specialists and data privacy defenders remain unconvinced.

The EU and cyber security

Cloud computing, smartphones, viruses attacking nuclear plants. In the October Focus, the EUobserver turns its attention to cyber security and EU's attempts to set up rules for safer navigation on the internet.

Column

A 'geopolitical' EU Commission. Great idea - but when?

Safeguarding Europe's position starts with recognising the unpleasant reality that Europe's power is waning. Behind the facade of European cooperation, national self-interest still predominates and that has never been any different.

Stakeholders' Highlights

  1. Nordic Council of MinistersNordic Council meets Belarusian opposition leader Svetlana Tichanovskaja
  2. Nordic Council of MinistersNordic Region to invest DKK 250 million in green digitalised business sector
  3. UNESDAReducing packaging waste – a huge opportunity for circularity
  4. Nordic Council of MinistersCOVID-19 halts the 72nd Session of the Nordic Council in Iceland
  5. Nordic Council of MinistersCivil society a key player in integration
  6. UNESDANext generation Europe should be green and circular

Latest News

  1. Celebrate with us. EUobserver's 20 years of independent EU news
  2. Ban on Catalan leader condemned as 'disproportionate'
  3. EU defends Jourova over Hungary's resignation demand
  4. A 'geopolitical' EU Commission. Great idea - but when?
  5. The EU's new rule of law report - pushing at an open door?
  6. EU tries to avoid lockdowns as global death toll reaches 1m
  7. Reports: Turkey sent Syrian fighters to Azerbaijan
  8. German presidency tries to end EU's rule-of-law battle

Stakeholders' Highlights

  1. Nordic Council of MinistersNEW REPORT: Eight in ten people are concerned about climate change
  2. UNESDAHow reducing sugar and calories in soft drinks makes the healthier choice the easy choice
  3. Nordic Council of MinistersGreen energy to power Nordic start after Covid-19
  4. European Sustainable Energy WeekThis year’s EU Sustainable Energy Week (EUSEW) will be held digitally!
  5. Nordic Council of MinistersNordic states are fighting to protect gender equality during corona crisis
  6. UNESDACircularity works, let’s all give it a chance

Join EUobserver

Support quality EU news

Join us