Tuesday

28th Mar 2023

Estonia training Nato 'techies' for cyberwar

  • The military barracks hosting Nato's cyber training centre dates back to 1905 (Photo: Valentina Pop)

In an unassuming, renovated military barracks dating back to tsarist times, Nato's cyber defence centre (CCD COE) in Tallinn is training computer experts to secure networks from attacks.

"Don't expect any flashy screens with 3D animations," a training expert warned the visiting group of journalists. The room contained a handful of computers and a projector showing endless rows of code sequences.

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

The Nato training centre, set up in 2008, is host to some 30 experts from Germany, Estonia, Spain, Hungary, Italy, Latvia, Lithuania and Slovakia. It organises training seminars and simulations, and examines the legal aspects of cyber defence for military personnel in Nato countries and for defence contractors.

Speaking to EUobserver on the margins of a conference on cyber conflict organised by the centre last week, centre director General Ilmar Tamm said that he would ideally also like to have Nato decision-makers go through some of the trainings on offer.

"In that way they would have a better understanding even of what type of information they would need to know in order to assess the severity of an attack," he said.

He noted that a large denial-of-service attack putting down servers for days - something Estonia experienced in 2007 - may have less damaging consequences than a small, targeted virus able to change the chemical formula at a water clearing station or the speed of a nuclear-enriching centrifuge.

"You also have to evaluate when and how you would expect Nato to step in. The majority of risks in cyber are actually owned by the private sector, which is running the services. So Nato should at least improve information exchange so as to know faster what is going on. Then you can identify who is the best stakeholder to take action," he said.

Smartphones

Tamm identified the increased use of smartphones as one potential vulnerability. "As handheld devices are becoming more like personal computers, they are also becoming the subject of identity theft and the codes are more and more complex. So you will always have bugs in the code - the question is who will abuse it and what for."

Industrial and governmental spying is also on the rise. This is especially the case for attacks originating from China, which Tamm accuses of "collecting specific technology information and then using it for their own needs and benefits."

Over the weekend, the International Monetary Fund was the latest international organisation to admit to a large-scale attack on its servers. It is supposed to have takenn place a few months ago and used the email system to extract valuable information. China is suspected of being behind the attack. A cyber attack on the European Commission earlier this year also saw the finger pointed at China.

Lack of proper 'cyber hygiene' - using webmail for confidential exchanges and confusion over who is responsible for securing the network - often makes it easier for governments and international institutions to be hacked into, Tamm said.

"You need to have stronger agreements with service providers. There is a tendency that your data will be somewhere you don't even know it belongs. If you're based in the EU and go for an Amazon cloud, the servers may be in the US - so they would be subject to US legislation which you have to know if you want to take them to court," he explained.

His centre, for instance, has a webpage hosted by a private company. "But emails are run through separate servers. We have public emails and emails run through the Nato secret system, which can only be accessed from certain working stations. It's not very convenient, but that' the price you have to pay for security."

Detecting an attack is also not easy, especially for smaller companies. Christian Czosseck, a German military computer scientist working at the centre, says that for a medium-sized company, there are some 5 million events a day.

"But you need to filter out to some 100 what could be suspicious activities in order for a human to be able to look at them and find a sequence of 'wrong code'."

One of the trainings on offer from the CCD COE is "botnet infiltration" - learning how to 'take over' the command of a network of zombie computers scattered around the world used to attack governmental or private servers. This is the type of attack Estonia experienced five years ago, with Russia suspected of being behind it.

"Most botnets nowadays have an uninstall or disable functionality, so if you get your hand on a command and control server, you can issue the uninstall me command, which the bots will execute. Still, this has legal issues, because you are sending something without the consent of the owner of the network," Czosseck explained.

If in the US, a company such as Microsoft is able to go to court and get a legal backup for taking down a spamming network of zombie computers, in Europe "it all depends on the local law in every single nation," even though most countries have criminalised botnets.

In an attempt to streamline various provisions, EU justice ministers on Friday agreed to toughen penalties for cybercrimes, including new punishments for people who develop and supply malware or other tools for creating botnets or stealing passwords. Additionally, the illegal interception of computer data will become a criminal offence.

As for the countries behind such attacks, a recent study by the Chatham House floated some 36 states around the world which are developing cyber warfare capabilities.

Keir Giles from the UK-based Conflict Studies Research Centre said that the Russian military is developing so-called information troops capable of conducting "computer network operations" meaning penetration and sabotage of foreign systems, but also the whole spectrum of information warfare, including "systemic counter-propaganda".

And Major General Jonathan Shaw from the British ministry of defence said that despite overall budgetary cuts, the UK government approved an increase in the budget for cyberdefence.

"The war in Libya would also look different if we had the proper cyber capabilities," he pointed out during the conference.

As for the transatlantic view on cyber security, Eneken Tikk, a legal expert with the Tallinn centre said that both the EU and the US have a interest in "keeping the internet demilitarised, so that people can speak to each other freely."

"But there is a conflict in how to defend its functionality, with the US having a more military approach to cyber," she said.

Over-regulation?

The EU, meanwhile, "is in a phase where they deal with every aspect of cyber security, as opposed to the past when there was just the single market approach. There is a trend towards over-regulation, for instance on cybercrime issues," Tikk argued.

She also noted that by declaring IP addresses private information, the EU has created legal challenges for so-called Computer Emergency Response Teams (CERTs) in different EU countries to exchange information in case of an attack. "There is a solution - to make exemptions under the principle of national security, but some countries are slow in doing that."

Opinion

Cyber security: public problem, private answers

New worms, malware, phishing techniques and predatory programmes are born every day. To fight this new intangible enemy, Europe must use its best suited troops: innovative SMEs, says Jonathan Zuck.

Smartphones are 'data goldmines' for hackers

Smartphones allows us watch videos, listen to music, check emails, find the nearest restaurant, and update our 'status' on Twitter and Facebook, but with the increased technology comes new and largely under-appreciated security threats.

EU spends €387k on a metaverse, throws low-attendance gala

A metaverse gala event organised for the European Commission on Thursday (29 November) attracted a handful of confused ballon-like avatars. The gala was a part of €387,000 metaverse project, financed by the European Commission's foreign aid department.

Phone spying scandal exposes 'impotent' Europe, says lead MEP

Democracy in Europe is being undermined by alleged government-led spyware on citizens, journalists and politicians, says Dutch liberal MEP Sophie In't Veld, who is lead report writer for a European Parliament probe into the abuse.

Opinion

Big Tech's attempt to water down the EU AI act revealed

The launch of ChatGPT has sparked a worldwide debate on Artificial Intelligence systems. Amidst Big Tech's proclamations that these AI systems will revolutionise our daily lives, the companies are engaged in a fierce lobbying battle to water-down regulations.

Latest News

  1. Biden's 'democracy summit' poses questions for EU identity
  2. Finnish elections and Hungary's Nato vote in focus This WEEK
  3. EU's new critical raw materials act could be a recipe for conflict
  4. Okay, alright, AI might be useful after all
  5. Von der Leyen pledges to help return Ukrainian children
  6. EU leaders agree 1m artillery shells for Ukraine
  7. Polish abortion rights activist vows to appeal case
  8. How German business interests have shaped EU climate agenda

Stakeholders' Highlights

  1. Nordic Council of MinistersNordic and Baltic ways to prevent gender-based violence
  2. Nordic Council of MinistersCSW67: Economic gender equality now! Nordic ways to close the pension gap
  3. Nordic Council of MinistersCSW67: Pushing back the push-back - Nordic solutions to online gender-based violence
  4. Nordic Council of MinistersCSW67: The Nordics are ready to push for gender equality
  5. Promote UkraineInvitation to the National Demonstration in solidarity with Ukraine on 25.02.2023
  6. Azerbaijan Embassy9th Southern Gas Corridor Advisory Council Ministerial Meeting and 1st Green Energy Advisory Council Ministerial Meeting

Join EUobserver

Support quality EU news

Join us