Europe’s (virtual) soft underbelly

Author (Person) ,
Series Title
Series Details 27.09.07
Publication Date 27/09/2007
Content Type

Two MEPs discuss security and technology.

Tunne Kelam

Estonia is a country with an electronic identity. Practically every possible service has also an alternative in the virtual world. Some 97% of bank transactions are carried out on-line. What happens when this virtual world is suddenly nearly paralysed?

Estonians experienced this in April and May, when their country became the target of a large scale cyber attack.

There seems to be a clear political connection between the riots of 26-27 April in Tallinn organised by Russian extremist youth groups (several of whom had entered the country from Russia) and the start of the on-line attacks that has been called the first cyber war.

The riots started in the night of 26 April. The next day, the first websites calling for the launching of attacks against Estonia appeared. Massive cyber attacks against many key government websites and several information and media infrastructures were carried out, some of which had to shut down temporarily. During these attacks, the volume of cyber traffic from outside Estonia targeting government institutions and Estonian news portals exceeded the normal rate by several hundred times. In addition, the website of Prime Minister Andrus Ansip’s Reform Party was defaced.

Companies, banks and even schools were also targeted and the websites of some other political parties were defaced - for instance, fake apologies for the actions of Estonian police and vulgar political slogans in the Russian language were added. The usual method was to congest the target server’s network with meaningless data from a single point of origin. Attackers used large networks of remotely controlled malware-infected computers to amplify the impact. Many Estonian news portals went off-line for a period of time, especially during the initial phase of the attacks. The comment sections of these portals were heavily bombarded by spam networks.

On 10 May, a massive attack targeted Hansapank - the biggest Estonian bank. The bank suffered a temporary loss of on-line services. In addition, Hansapank services became partially unavailable outside Estonia. On 15 May there were similar attacks conducted against SEB Eesti Ühispank - the second biggest bank. Blocking of bank websites proved to be the most effective way to hamper the everyday routine of tens of thousands of people.

Discussion is continuing on identifying the perpetrators. However, all the evidence points to well-co-ordinated, well-equipped and politically motivated activities based on impressive organisational capacities. The stage was set during the last days of April by multiple calls on Russian websites and by the massive sending of emails, most with Russian addresses, to carry out cyber attacks in Estonia. An emotional debate was conducted about how to fund the renting of servers and botnets. At the beginning of May, detailed instructions, timetables and orders to conduct the attacks were disseminated. This led to an avalanche of attacks from all over the world. During the following days the attacks became more and more organised and co-ordinated. On some peak days, it was estimated that up to one million computers had been involved.

The whole period of cyber attacks was accompanied by dramatic political and economic moves from the Russian side. The Duma delegation which came to Estonia at the beginning of May on a fact-finding mission issued an unprecedented call for the resignation of the Estonian government (which had been in office for only a few weeks following the March parliamentary elections). Indirect economic sanctions included the closure to "heavy vehicles" of the vital border bridge over the Narva River and the disruption of rail transit traffic by the sudden onset of "railway repairs". Calls via the internet to mobilise Russian-speaking young men in Estonia and elsewhere to take up arms and fight for "justice" can be seen as direct incitement to terrorist attacks. Fortunately these calls failed to find followers.

One can conclude that Estonia became a test case for future technological warfare. Considering the scale of the cyber attacks and the way they were organised, new phrases - "cyber-terrorism" and "cyber warfare" - were coined. It was important and positive that both Nato and EU institutions immediately recognised the significance and future risks of cyber attack. Unfortunately they still lack proper defences against this kind of attack. In cyberspace, international terrorism, organised crime and state-sponsored activities all easily overlap. Therefore, the challenge illustrated by the example of Estonia serves as an urgent wake-up call for a comprehensive and co-ordinated international approach to this question.

  • Estonian centre-right MEP Tunne Kelam is a member of Parliament’s subcommittee on security and defence.

Bill Newton Dunn

The military commanders, they say, always fight the next war like the last one. But, next time Europe is attacked, it may not be with explosives and munitions. It may not be like 1939-45 or even like the invasion of Iraq.

An attack on Europe could be silent - using biological or cyber weapons. How ready is Europe to deal with such attacks? Our 27 national governments decline to answer this question - on the grounds of national security. Or, could their reluctance possibly be because they are ill-prepared?

Citizens should never trust the assurances of governments. In this question - which literally could mean life or death - MEPs, and national MPs, on behalf of the public, should demand to know how well or ill-prepared each of the member states of the European Union currently are.

Cyber attacks through the internet? The public knows how Russia (probably) orchestrated multiple attacks on Estonia after 27 April this year when a Soviet bronze soldier statue was moved in Talinn. The cyber-attack brought down the websites of the president’s office, many government ministries, the parliament, the police, political parties, news organisations, and two large banks. Unsuccessful attacks were launched against mobile phone networks and rescue service systems. Postings on internet forums invited people to support the attacks.

In June, the Chinese military hacked into a Pentagon computer network in their most successful cyber attack, so far, on the US Defense Department. Both the Russian and Chinese governments issued denials. Theoretically, the attacks could have been organised by organised-crime gangs. But the latter is unlikely because gangs do their dirty work for money, not for political or military reasons.

Cyber-attacks on Europe’s critical infrastructure? Our power stations, airports, military command centres, financial centres and much more could all be attacked simultaneously in different parts of the EU. The European Commission has been consulting and trying to co-ordinate - because each member state’s success will depend on the preparedness of the others.

And biological attacks on Europe? If successful, they would infect many thousands of people, contaminate soil, buildings and transport, destroy agriculture, infect animal populations, and affect our food and water supplies.

So what do we know about Europe‘s defences? All too little. The European Commission has published a green paper on bio-preparedness. It remains open for comments by the public until 1 October.

Attacks on European infrastructure must appear attractive to potential enemies because of the failure of the 27 national governments to act together. Examples of failures are easy to find.

Many of the EU’s external borders are weakly manned and lack adequate equipment. So it is shocking to note that the Council of Ministers has just proposed to reduce the 2008 budget for Frontex, the EU’s agency which deals with external frontiers.

Why do the national governments not work together more effectively - when it is common sense that working together is more effective than working alone? Because each is afraid to share information with ‘foreigners’, even though they are fellow Europeans and our fates are inextricably bound together.

We do not know about the adequacy of defences against bio- and cyber-attacks. But we do know, for sure, that the 27 national governments fail to fight organised crime successfully - witness the steady flow into the EU from outside of heroin, cocaine, illegal immigrants, counterfeit goods, etc.

The criminals cross our open borders with impunity. But our law enforcement agencies are all national and cannot do so. ‘Joint investigation teams’ of different nationality policemen do not work because the governments squabble over who will pay the costs and complain that they cannot spare quality senior policemen to go abroad for too long. Bio-threats require advance planning and the stockpiling of vaccines. And they require very efficient exchange of full information between the 27 member states. Do you feel confident that we are being adequately protected? Many vital questions. And too few answers.

  • UK Liberal Democrat MEP Bill Newton Dunn is a member of Parliament’s committee on the internal market and consumer protection. He is currently preparing a report on the revision of EU rules on customs co-operation.

Two MEPs discuss security and technology.

Source Link Link to Main Source http://www.europeanvoice.com