Cyber Attack, cybercrime, Estonia case study
Estonia suffered a massive cyberattack more than 10 years ago. The event was a defining moment for the country and the world’s approach toward cybersecurity. And it all started with this statue. From the Wanna try ransomware attack to election meddling, cyberattacks are becoming increasingly common, and costly, around the world. Global spending on information security products and services is expected to reach $124 billion in 2019. But that hasn’t been enough to stop cyberattacks from becoming one of the global economy’s biggest threats. So how can governments keep hackers out?
The short answer is they can’t. But that doesn’t mean they’re not trying.
One of the leaders in this space has been the country of Estonia, which gained independence from the Soviet Union in 1991. In 2007, the Estonian government decided to move it here to a less prominent location. The move sparked protests and riots from Estonia’s ethnic Russian population that demanded the statue to stay in place.
Then, Estonian institutions were crippled by a series of cyberattacks. Parliament, government ministries, banks, and newspapers went offline. And though it hasn’t ever been confirmed, it’s widely believed that Russia was behind the attacks.
The 2007 attack on Estonia has been called the first cyberwar, which is defined as The cyberattack was an awake-up call for Estonia, which at the time was already one of the world’s most advanced digital societies. The country decided it needed to take steps to protect data online and prevent future cyberattacks. But how?
How to stop cyber attacks?
The first step was building a strategy that would allow the government to keep systems up and running during a cyberattack. IT experts in the public and private sectors worked together to make systems more resilient against hackers. One part of Estonia’s strategy is a voluntary Cyber Defence League made up of hundreds of civilians, including IT professionals and young people who would mobilize during an attack. Estonia also decided to store copies of its information in a data embassy in Luxembourg, as a backup in case there was a cyberattack on home soil. Which brings us to another key deterrent for cyber threats, international cooperation. NATO, the military alliance between North American and European countries, was a good place to start. In 2008, the 'NATO Cooperative Cyber Defence Center of Excellence' opened here in Tallinn.
NATO Cooperative Cyber Defence Centre of Excellence
Its goal is to enhance NATO’s cyber defense capabilities. The center conducts large-scale cyber defense drills, sort of like digital military training, though it’s not technically a NATO operational unit. It also put together a guide called the Tallinn Manual, which analyzes how to apply existing international law to cyber operations. In 2016, NATO allies agreed that a cyberattack on a member country could trigger the same military response as an attack in the air, on land, or at sea. EU-wide regulation has also upped the penalties against data breaches.
The General Data Protection Regulation, or GDPR, that went into effect in 2018, gave EU regulators the power to fine companies that don’t protect user data. And, unlike in the past, the fines can be massive, up to 4% of global annual turnover or €20 million, whichever is bigger. Still, many countries have not taken steps to prepare for cyber threats. The United Nations found half of its member states don't have a cybersecurity strategy in place. The UN ranks Estonia as the European country most committed to cybersecurity and fifth worldwide after Singapore, the United States, Malaysia, and Oman. But even Estonia isn’t hacker-proof. Authorities still responded to more than10,000 cybersecurity incidents in 2017, one third more than the year before.
Which brings us to one final big step in preventing a cyberattack, getting the public on board. This can be as simple as using two-factor authentication or changing your password from, well, “password.” The research found only one out of every four internet users in Europe changes his or her password regularly because of security and privacy issues. In Estonia, it took an unprecedented cyberattack for the country to become a leader in online security. Other countries might want to take note as the threats of cyberattacks only become bigger and more complex.
Thank you.
No comments
Post a Comment