Malware from Russia with Love on Its Way to You
Not directly Estonian, but definitely related.
Actually, more than most think
Hey Marc,
In fact, what you posted is indeed Estonia related. I've lost count, but managed to capture some of the IPs for our IT wizards.
The F Secure and Norton anti-virus programs we use indicate the same Russian-based IPs nearly every day, even on my home PC.
Quote:
Security professionals and analysts said they were not surprised by the figures.
"Recent statistics indicate that one in every 10 Web sites is infected with malware," said Forrester Research analyst Chenxi Wang. "Therefore it is highly likely that an unsuspecting Web consumer—one that does not have adequate protection in place—would encounter a malware hosting Web site browsing the Internet."
Estonia gets tough on cyber crime
TALLINN - With 'cyber attacks' becoming an increasingly common phenomenon, Estonian lawmakers are considering amendments to the penal code that would put such online offenses on a par with terrorism.
Quote:
A computer attack would become an act of terrorism when committed with the same aims as a conventional act of terrorism. Under existing law, crimes of terror are crimes whose goal is to seriously upset or destroy the country's political, constitutional, economic or social order.
Crimes of terrorism are punishable by between 5 years and life (25 years) in jail.
The Estonian Ministry of Justice began drafting the amendments after the cyber attacks that targeted Estonia's government agencies, major banks and newspapers in April and May. The current laws deal with computer crime as something that has personal or financial gain as the final aim, which was not the case with the spring attacks against Estonia's IT infrastructure.
Sentences for other computer-related crimes are already being extended. After the amendments take effect it will be possible to punish hackers with a maximum three years in jail instead of the present one year. For computer fraud and spreading computer viruses caught on a repeat offense or after causing extensive damage the maximum punishment will be five years.
The ministry wishes to add to the penal code an article dealing with the preparation to commit a cyber offense, which would deal with cases when hackers make, use or disseminate a computer network element, program, password or code for the purpose of committing a cyber offense.
The bill is based on the
Council of Europe convention against cyber crimes.
Estonian President Addresses the UN on Cyber Crimes
During his D.C.and NY visits, Estonian President Ilves addressed the UN emphasizing the need for a comprehensive cyberspace law.
From the U.N. News Centre
Quote:
“Cyber attacks are a clear example of contemporary asymmetrical threats to security,” he said at the annual high-level debate. “They make it possible to paralyze a society, with limited means, and at a distance. In the future, cyber attacks may in the hands of criminals or terrorists become a considerably more widespread and dangerous weapon than they are at present.”
The President said the threat posed by cyber attacks was often underestimated because they have so far not resulted in the loss of any lives and many attacks are not publicized for security reasons.
He called for cyber crimes to be defined internationally and generally condemned in the way that terrorism or human trafficking is denounced.
“Fighting against cyber warfare is in the interests of us all without exception,” Mr. Ilves said, calling on all countries to accede to the Convention on Cyber Crime of the Council of Europe. The pact is also open for accession to non-members of the Council of Europe.
The President welcomed the launch of the Global Cybersecurity Agenda of the International Telecommunication Union (ITU), and said the UN should serve as the “neutral and legitimate forum” for the eventual creation of a globally negotiated and comprehensive law of cyberspace.
Estonia's CTO speaks out on Cyber Attacks
Speaking to ZDNet at the RSA Conference Europe 2007 in London, Mikhel Tammet, director of the Estonian communication and information technology department, said he believes forces within the Russian government may have initiated and sponsored attacks against his country's critical national infrastructure earlier this year.
Quote:
Tammet added that, while it was not possible to put a face to the attackers nor to prove any direct connection to the Russian authorities, all previous attacks with a political aim emanating from Russia had their roots in government action.
"It's been that way in Russia for centuries," said Tammet. "The attack was 50 percent emotions, 50 percent something else, but we can't define what that something is. There was an organisation behind it, but we can't [definitively] say if it's the government or criminals, or both."
USA to Contribute to Proposed NATO Cyber Defence Centre in Estonia
From Defense World and the Estonian Embassy in DC:
Quote:
The United States of America has expressed its intention to participate in the work of the proposed NATO Centre of Excellence on Cooperative Cyber Defence, to be established in Estonia.
The Deputy Undersecretary of the US Navy, Marshall Billingslea, informed the Ministry of Defence of the Republic of Estonia in a letter that the USA considers it important to work with Estonia on cyber issues. Marshall Billingslea's letter stated that the US Navy would send one of its top cyber defence experts to the NATO Centre of Excellence on Cooperative Cyber Defence in Estonia. Marshall Billingslea also mentioned that he was exceedingly pleased to tell that the Department of the Navy would like to work with Estonia on cyber issues.
In the view of the Minister of Defence of the Republic of Estonia, Mr. Jaak Aaviksoo, the only way to combat new security threats such as cyber attacks is through close co-operation. Together with Germany and Spain, which have joined Estonia with the NATO Centre of Excellence on Cooperative Cyber Defence, the support of the USA is not only proof of the strong alliance between our countries but also a crystal clear message of divided threat awareness.
Source: Estonian Ministry of Defence, 10/22/2007
Swedish experts to assist in Estonia’s cyber security strategy
During an 8 November meeting between Estonian Minister of Defense Jaak Aaviksoo and Swedish Minister of Defense Sten Tolgfors, cooperation between the European Union and NATO, the future and reforms of the NATO Response Forces (NRF) and current military operations were discussed.
Quote:
The ministers also dealt with issues of cyber security. Both parties stressed that international co-operation, especially between international information security networks, is very important due to the lack of boundaries between networks. A good example of such co-operation is the assistance of Swedish experts in the successful deterring of co-ordinated cyber attacks aimed at Estonia last spring, and the exchange of experiences with Swedish experts for the development of Estonia’s cyber security strategy.
Mr. Aaviksoo also visited the Swedish Emergency Management Agency (SEMA) as part of his visit; one function of SEMA is to co-ordinate the activities of different institutions in the sphere of cyber security.
UN Approves Resolution Related to Cyber Attacks
Source: Estonian Ministry of Foreign Affairs, Published Monday, 5 November, 2007
Quote:
The United Nations Disarmament and International Security Committee in New York accepted a resolution on Thursday, 1 November, which addresses developments in the fields of information technology and telecommunication in the context of international security.
The resolution expresses concern that the security of states can be compromised by means of information or telecommunication technology.
The European Union Presidency Portugal made a statement upon the approval of the resolution in which they highlighted potential threats to cyber security, which can originate from organized criminals, terrorists, or co-ordinated attacks by individuals influenced by political propaganda.
According to Estonian ambassador to the UN Tiina Intelmann, the Presidency’s speech was largely motivated by the cyber attacks on Estonian government establishment, media and bank web pages in the spring. “What occurred in Estonia could happen to some other nation at any time,” Intelmann noted.
Intelmann added that one possibility for combating malicious or illegal use of information technology would be to declare such actions criminal. “For this, an international legal framework must be created,” said Intelmann.
Intelmann confirmed that both Estonia and the EU have called upon all UN member nations to join the Council of Europe’s Convention on Cybercrime, which came into effect in 2004 and was initiated by Estonia, among other nations.
On the basis of the resolution, a group of government experts will be formed in 2009. The group will be responsible for researching both existing and potential threats to information safety, and to make proposals as to how preventive measures could be taken.