Swedish experts to assist in Estonia’s cyber security strategy
During an 8 November meeting between Estonian Minister of Defense Jaak Aaviksoo and Swedish Minister of Defense Sten Tolgfors, cooperation between the European Union and NATO, the future and reforms of the NATO Response Forces (NRF) and current military operations were discussed.
Quote:
The ministers also dealt with issues of cyber security. Both parties stressed that international co-operation, especially between international information security networks, is very important due to the lack of boundaries between networks. A good example of such co-operation is the assistance of Swedish experts in the successful deterring of co-ordinated cyber attacks aimed at Estonia last spring, and the exchange of experiences with Swedish experts for the development of Estonia’s cyber security strategy.
Mr. Aaviksoo also visited the Swedish Emergency Management Agency (SEMA) as part of his visit; one function of SEMA is to co-ordinate the activities of different institutions in the sphere of cyber security.
UN Approves Resolution Related to Cyber Attacks
Source: Estonian Ministry of Foreign Affairs, Published Monday, 5 November, 2007
Quote:
The United Nations Disarmament and International Security Committee in New York accepted a resolution on Thursday, 1 November, which addresses developments in the fields of information technology and telecommunication in the context of international security.
The resolution expresses concern that the security of states can be compromised by means of information or telecommunication technology.
The European Union Presidency Portugal made a statement upon the approval of the resolution in which they highlighted potential threats to cyber security, which can originate from organized criminals, terrorists, or co-ordinated attacks by individuals influenced by political propaganda.
According to Estonian ambassador to the UN Tiina Intelmann, the Presidency’s speech was largely motivated by the cyber attacks on Estonian government establishment, media and bank web pages in the spring. “What occurred in Estonia could happen to some other nation at any time,” Intelmann noted.
Intelmann added that one possibility for combating malicious or illegal use of information technology would be to declare such actions criminal. “For this, an international legal framework must be created,” said Intelmann.
Intelmann confirmed that both Estonia and the EU have called upon all UN member nations to join the Council of Europe’s Convention on Cybercrime, which came into effect in 2004 and was initiated by Estonia, among other nations.
On the basis of the resolution, a group of government experts will be formed in 2009. The group will be responsible for researching both existing and potential threats to information safety, and to make proposals as to how preventive measures could be taken.
Estonia as a cyberwar case study
Austin Bay has an interesting article at RCP which uses the Estonian Cyberwar as a case study.
http://www.realclearpolitics.com/art...yberspace.html
Estonia vs. Russia The DDOS War
Birmingham InfraGard June 2007
Quote:
NashiHackers
Konstantin Goloskov, a Nashiactivist, told the Rosbaltnews agency on May 2 that he personally took part in cyber-attacks on Estonian websites. But he denied that Moscow state offices were used. The hacking, he said, was done from the breakaway Moldovan region of Transdniester.
How to respond?
"There is a discussion over how cyber aggression should fit into current law and whether a conventional attack would be suitable retaliation”
(Johannes Ullrich, chief technology officer at the SANS Institute) quoted in the Wall Street Journal.
Putin on Estonia
The May 25th Moscow Times explains Putin’s thoughts on Estonia
–Estonians betrayed his father’s NKVD sabatogeunit to the Germans. (24 of the 28 were captured, his father escaped, being carried across a frozen river, badly injured, under German fire)
–The Soviets explained in 1989 to the Estonians that the Molotov-Ribbentrop pact of 1939 did not reflect current Soviet policy. “Do you think we must do this every year?”he asked an Estonian reporter, mocking her Russian accent.
–The article makes it clear that Putinsees the removal of the statue as an insult to his father and other Russians who fought the Nazis in Estonia.
Youth organizations familiar with Cyber War tactics
•pro-Kremlin groups, such as Nashi, Young Russia, and Mestniye, and ultranationalist youth organizations, like The Other Russia and Movement Against Illegal Immigration have all had their websites attacked in the past few months.
•Alexander Kalugin, a spokesman for Young Russia, said his group was DDOSedfor six hours in March, saying the attack was by Estonians angered at their protests.
•His group burned Estonian banners and trampled an effigy of the Estonian president, which led to the cyber retaliation.
An interesting and very detailed recap. 31 page pdf at the link.
More Cyberwar as Four ethnic Russians go to trial
4 Suspects Go on Trial Over Riots in Estonia
Quote:
Estonian news providers reported renewed disruption to their services over the weekend before the opening of the trial.
Estonia's computer emergency response team said the Friday incident was a denial of service attack from machines around the world.
The suspects are Dmitry Linter, Maxim Reva, Dmitry Klensky and Mark Sirik. They pleaded not guilty.
The charges said the first three were leaders of a Russian activist group in Estonia, Night Watch, while the fourth is head of the Estonian chapter of the pro-Kremlin youth group Nashi.
The unrest in April coincided with attacks on Estonian web sites, some of which the authorities said they traced to Russian government servers. Russia has denied any involvement.
Prosecutors say the rioting was planned well in advance and was not a spontaneous reaction to the memorial's removal. They say the defendants began plotting in mid-2006, when the government first discussed the memorial. Prosecutors also accuse the Russian government of providing them with financial support, a charge that Russian authorities have denied.
Student Convicted in Attack Against Estonian Web Site
20-year-old ethnic Russian student Dmitri Galushkevich, has been fined for participating in last year's cyberattack against Estonian Web sites.
Quote:
Dmitri Galushkevich used his home PC to launched a denial-of-service attack that knocked down the Web site for the political party of Estonia's prime minister for several days, said Gerrit Maesalu, spokesman for the Northeast District Prosecutor's Office in Tallinn...Galushkevich must pay 17,500 kroons (US$1,642).
"He [Galushkevich] wanted to show that he was against the removal of this bronze statue," Maesalu. "At the moment, we don't have any other suspects."
'We Traced the Cyberwar -- It's Coming From Inside the Country!'
Quote:
You'll recall that Estonia blamed the Russian government for last spring's DDoS attacks, and even considered invoking NATO Article 5 to marshal a multinational military counter attack against Russia -- a perfectly reasonable response to a bunch of websites being overloaded with unwanted traffic. Wired magazine sent a reporter to Russia to try and track down the culprits, but Vladimir Putin's ruthless cyber brigade proved elusive.
And so it comes as quite a shock to THREAT LEVEL to learn that the attacker convicted today isn't a member of the Russian military, nor is he an embittered cyber warrior in Putin's secret service. He doesn't even live in Russia. He's an ethnic Russian who lives in Estonia, who was pissed off over that whole statue thing.
Estonia calls for EU law to combat cyber attacks
Computer Crime Research Center
Quote:
STRASBOURG, France (Reuters) - Estonia called on the European Union on Wednesday to make cyber attacks a criminal offense to stop Internet users from freezing public and private Web sites for political revenge.
Estonian President Toomas Hendrik Ilves said he believed the Russian government was behind an online attack on Estonia over its decision to move a Red Army monument from a square in the capital Tallin. Russia has denied any involvement.
"Russian officials boasted about having done it (cyber attacks) afterwards -- one in a recent interview a month and a half ago saying we can do much more damage if we wanted to," he told Reuters in an interview.
"We now have a much clearer understanding that we need to have a legislative basis for prosecuting cyber crime because it is a crime," Ilves said.
"That is something we are pushing for within the European Union and within NATO as well, where we can. It's almost by definition a cross-border crime," Ilves added.
"The UK has good legislation and the United States has good legislation. France has better than most and the rest of the EU does not really have this kind of legislation," Ilves said.
Estonia prepares for repeat of cyberattacks on anniversary
Bobbie Johnson, technology correspondent
The Guardian, Monday April 7 2008
Quote:
Estonia is bracing itself for a repeat of the internet attacks which nearly brought its government to a halt last year, the Guardian has learned.
With the anniversary of the attacks looming, senior officials are preparing for a repeat performance. One official said there had been many smaller attempts to hack into government systems during the last 12 months but they were not as organised or successful as last year's attacks.
A 20-year-old Estonian, Dmitri Galushkevich, has been arrested in relation to those attacks and was fined £880. But Estonian sources say the strikes originated largely from across the country's eastern border.
Those attacks prompted speculation that computer hacking was being widely used as a weapon, not just espionage. Such feelings were compounded when it emerged that another group of organised hackers - known by investigators as Titan Rain and believed to operate from inside China - had launched a series of strikes against western governments.
Estonia gears up for anniversary cyberattacks
Apr 09, 2008
In cooperation with NATO
Quote:
After last April saw the removal of a Soviet memorial in Tallinn, and the subsequent protests and cyber attacks that ensued, Estonia is ready for a repeat.
Last month Suleyman Anil, NATO’s computer incident response center head, stated that: "We have seen more of these attacks and we don't think this problem will disappear soon. Unless globally supported measures are taken, it can become a global problem,"
The attacks last year nearly brought the government to a halt and public services were severely immobilized.
Experts believe that despite an arrest made last year of an Estonian-Russian, the attacks originate from across the border in Russia.
At the NATO summit in Bucharest last week, plans for cyber defense in Estonia were discussed as well as plans for a permanent defense center.
Estonia is one of the cyber leaders of Europe, holding its first online election in 2005.
Cyber attackers strike again
TALLINN- Days before the May 9th Russian Victory Day celebrations, members of the 10th parliament of Estonia were hit with a flurry of cyber attacks from Russia.
Quote:
Marko Mihkelson, a member of the Estonian Parliament from the Pro Patria and Res Publica faction, said members of the previous Estonian parliament fell victime to the attacks on Sunday.
"E-mail messages with the .ru domain name speak to us about the Bronze Soldier, Victory Day, Estonia's "pro-fascism" and other well-known repertory. A set of e-mail addresses of the members of our 10th parliament is widely circulating in the Russian cyberspace, and so it is not very difficult to launch such an attack," Mihkelson wrote in his blog.
He said that contrary to last year's spam attacks, when the contents of the e-mails were largely the same, Sunday's texts were different although with the same undertone. "The next days until May 9 will show whether we have to do with some kind of a wider action or the effort gradually peters out," Mihkelson said.
Dozens of members of parliament mainly from the Reform Party and the conservative Pro Patria and Res Publica Union received such e-mails during last year's April disturbances and a few months earlier, after the parliament passed an act on prohibited structures.
For ethnic Estonians the monument symbolizes the nearly 50 years of Soviet occupation of Estonia, while many Russian-speakers see it only as a symbol of the Russian role in the liberation of Europe of Nazis in World War II.
Russian hackers that are not satisfied
with the interpretation of the events of World War II and the policy in the Baltic countries promised a cyber war against Baltic nations and illustrating the Baltics' web pages with five-pointed stars.
Russian hackers promise an uniform attack against Baltics
Quote:
The actions of the Baltic countries that are trying to re-write the history and delete the past events form the memories of their residents have crossed all reasonable limits, delfi.ee mediates hackers’ letter in Russian newspaper Smena.
According to the hackers’ plan, the layout of Baltic countries’ web pages will be changed. The visitors will see large red stars, photos of the soldiers that liberated Riga, Tallinn and Vilnius from the fascists and calls of not forgetting the past.
U.S. not ready for cyber attack
"We know that if someone shoots missiles at us, they're going to get a certain kind of response. What happens if it comes over the Internet?,"
Quote:
The United States is unprepared for a major hostile attack against vital computer networks, government and industry officials said on Thursday after participating in a two-day "cyberwar" simulation.
The game involved 230 representatives of government defense and security agencies, private companies and civil groups. It revealed flaws in leadership, planning, communications and other issues, participants said.
Wednesday must be a bad hair day
But I enjoy the sarcasm and otherwise hate being behind a computer :D
I for one have troubles with the mere use of "cyber" other than in a good film with Arnold Schwarzenegger :rolleyes:
Wilf's comments seem to be some of the best examples in simple, easy to use terms (for a guy like me that must perform without the benefit of comms other than our wireless robot and X-ray).
IMO cyber warfare much like EW contributes to the success of IO. Cyber warefare possesses both offensive and defensive tactics, and when employed correctly can not only disrupt, but also exploit your enemy.
DDoS is far too simplistic a term for what most continue to assume occurred in Estonia. Georgia's use of/reliance on computers (that is if you happen to own a computer and live within 5 kilometers from the city center where one might connect) is not even remotely similar. In any case, the so-called non-state actors were not waging war, they were employing cyber in support of their ongoing operations.
It's all relative and darn simple for a minion like me. To employ such cyber operations in say Africa would be a true waste of time (similar to shutting off the electricity in a country that barely has 4 hours of electricity per day). Shut the power off in say West Bend for 8 hours (intentionally) and you'll have a full scale riot on your hands (assuming you don't have a 5KW in your back yard).