For Estonia, cybersecurity is too important to be left to experts alone. There, everyone, from schoolchildren to volunteer “cyber-warriors,” contributes to helping some of the world’s best IT advocates keep the country safe.
Hypervigilance is necessary. Almost all government services are available online, while Estonia needs to be constantly alert to cyber threats and other threats from neighboring Russia.
Estonians have learned that the ransomware attack on Ireland’s health service is a nightmare scenario that can only be prevented by investing in technology and a lifelong computer education that begins very soon.
“The Estonian digital mindset begins in the early days of kindergarten,” said Robert Krimmer, a professor of e-governance at the University of Tartu.
“The first time my kids saw computer technology, apart from home phones, they were playing with little robots in the kindergarten arena at the age of four. Thus, Estonian children are exposed to programming and taking care of computer systems even before they learn to read and write. Eliminate that fear. ”
Huge attack of 2007
Jaan Priisalu, one of Estonia’s leading cybersecurity researchers, said a major 2007 attack on the websites of the guilty country in Russia sparked a global debate over how to defend the virtual realm and changed the attitude of the cyber-security community. his nation with respect to computer education.
“Cybersecurity became part of the curriculum and now there are exercises for young people and organizations … All schools choose a specialization and some have chosen cybersecurity,” he explained.
“Cyber is difficult because people tend to classify it as part of the world of technicians and believe that technicians should take care of it … But hackers are really attacking society’s processes, so technicians and politicians cannot solve it separately. ”
Priisalu was the head of computer security at Estonia’s largest bank in 2007 when, during a political dispute with Moscow, his country suffered what is considered the first cyber attack on an entire state, crashing ministry websites. government, major financial institutions and the media.
The attack focused minds and funds on cybersecurity, which led NATO in 2016 to declare the Internet a domain of defensive operations alongside land, sea and air, and forced Estonia to re-evaluate the way to defend his own sovereignty, which he had lost to the Soviet Union. decades to 1991.
A few months after the 2007 cyberattack, a proposal was made to form a cyber unit of the Estonian Defense League, a voluntary militia rooted in Russia’s 1918 declaration of independence from the country.
In peacetime, Defense League volunteers are waiting to help Estonian emergency services, while they are regularly trained for the role they were expected to play during an invasion or other security crisis, inflating the the nation’s military ranks of 1.3 million people and leading sabotage operations.
“The Defense League is designed to be like the glue that unites people,” said Priisalu, who helped launch the league’s cyberunit in 2010 and still works on his arm in the capital, Tallinn, which be a co-founder.
The cyber unit brings together IT experts and other volunteers from the state and private sector, who train their colleagues in cybersecurity, give talks to schools and organizations, and participate in military exercises.
“It’s part of the culture of the Defense League. Some people go out into the woods to learn how to shoot, and we learn and teach how to do cybernetic things, ”Priisalu said.
“It’s a mix of novices and teachers. Exercises are an essential part of preparation … and we also try to educate our members simply by giving lectures and talking to people about things like forensics (computer science), how to dissect a computer, what to look for and how to take care and not make mistakes, “he added.
“In a conflict, the cyber (element) could happen two months before the kinetic conflict. It’s often a warning sign. ”
Estonia’s multilayered defense-protected online infrastructure is one of the most advanced in the world and could serve as a model for Ireland’s drive to move many online public services as part of its “renewal strategy”. of the civil service 2030 “.
Estonia’s 30-year drive to become a “digital-first” society means that its citizens now enjoy an almost paper-free relationship with the state, which allows them to do everything from voting, to filing lawsuits, to prescribing online prescriptions.
Estonians access public services with a personal digital identification card and data sent between individuals and state agencies is protected by asymmetric encryption; the information is stored in the government cloud and backed up at a “data embassy” in Luxembourg, far from any threat to the hardware in the Baltic state.
Mined by mistakes
However, Raul Rikk, director of national cybersecurity in Estonia, leaves no sign of complacency, saying that all systems can be undermined by the mistakes and negligence of their users, and the determination and skill of some hackers. .
“Of course, there has been technology-based innovation in Estonia that allows us to exchange data securely between the private sector, the public sector and citizens. And it’s really well protected, “he told The Irish Times.
“But when we talk about ransomware in the health sector, like Irish history, it’s a different thing … I can say that I hope that most government organizations in Estonia are well protected, but when it comes to semi-governmental organizations like hospitals and schools, they might not have implemented cybersecurity so well. ”
Rikk says Estonia’s general rule is that 10-15% of all organizations ’IT budget should be spent on cybersecurity, but a receipt from a single computer operator can still undo the plans better established.
“We pay a lot of attention to cyber, and in certain areas we are very well organized. But all organizations have responsibilities that depend on them … Cyberattacks are becoming more complex, increasingly sophisticated, so we have to make changes constantly, ”he explained.
“Attempts (to breach the systems) have been many, many times greater than five years ago. Now it’s like someone walking down the street trying on all the doors … so the question is if the homeowner has a lock strong enough so that nothing bad happens. Therefore, all organizations must implement a very systematic approach to cybersecurity.
Ireland is now in the process of becoming a collaborating partner of NATO’s Cooperative Cyber Defense Center of Excellence, based in Tallinn, where NATO states and allies develop and share skills. computer security and do exercises.
“The exchange of information (about threats) in the EU and NATO is done on a daily basis and is very good,” Rikk said.
“But everyone has recognized that if something really happens on a large scale across Europe or the EU, we need much better crisis management measures than we currently have.”
Rikk and Priisalu warned that a ransomware attack could hide a deeper intelligence-gathering operation by state security agencies, which are often difficult to distinguish from criminal groups.
“Ransomware is a very visible attack. It’s also perfect for covering your tracks, ”said Priisalu, a former general manager of the country’s leading IT agency, the authority of the Estonian information system.
“You encrypt everything and let everyone believe that this was the only thing you did. The target is busy with the consequences of the ransomware attack and to solve this situation, so the crime provides the perfect coverage for an intelligence operation. ”