Cyber fortress Estonia teaching the world

Political news portal Politico published its list of the most influential people in Europe next year last week, with fifth place going to Estonia’s cybersecurity ambassador Heli Tiirmaa-Klaar.

Tiirmaa-Klaar takes her place in between well-known Europeans, after Secretary General of the European Commission Martin Selmayr and in front of Ukrainian presidential hopeful Yulia Tymoshenko. Politico believes Italy’s populist interior minister Matteo Salvini will be the one to influence Europe the most next year.

Politico put you on a highly influential list. How did you learn of the fact and what was your reaction?

I became fully aware the day it was published. I had received an invitation to the event a few weeks prior, but no one had explained what exactly would be happening.

I’m used to attention and familiar with people in Brussels, so it did not baffle me as such, while it’s nice to be recognized.Problems with elections and cyberattacks have put cybersecurity on the map in the European Union. I was the one to introduce certain topics in the EU, and they are aware of that. I believe that was the reason.

You are Estonia’s first cyber envoy, and you’ve been busy for three months now. What does an ambassador at large for cybersecurity do and how does it differ from ordinary diplomatic work?

It is global thematic diplomacy. If an ordinary diplomat works in a given geographic region and seeks cooperation within, cyberdiplomacy is an important new element in foreign and security policy.

A lot of major countries already have similar positions or teams. In Europe, France has a cyber ambassador, the Brits do not have an envoy but a director and a team of 20 people. The Americans have a team, Germany has an ambassador. All our main partners have created these roles.

We remain an exception among smaller countries, but Finland also has a cyber ambassador.

There are a lot of formats within international organizations – NATO, EU, UN and OSCE. Smaller meetings between certain countries are also quite commonplace, as well as various events and conferences where it is my job to represent Estonia.

Next to that, there are professional cooperation formats the precise contents of which we do not discuss publicly. There, we discuss things within a small circle of serious cyber countries.

Do you agree that cybersecurity celebrated its tenth anniversary last year in connection with the Bronze Night?

Estonia’s digitation in the 1990s was rapid but did not place emphasis on security. The latter entered the picture with the 2006 e-elections which is when the first CERT (computer emergency response team – M. K.) was created.

The cooperation network we created in 2006 helped us survive the 2007 attack, which likely came as a surprise to the assailants. It was rather a good test for us.

It was excellent cooperation between specialists that managed to fend off the 2007 attack. It would have been much harder without such a network.

We received observers from NATO and elsewhere, but there was little for them to do. Our people repulsed the attacks, knew what they were doing and remained in contact with one another throughout the process.

If until then cooperation had taken place on an operative-technical level, we built a systematic cybersecurity system after 2007.

We could say we are protected. For example, the NotPetya global ransomware attack left Estonia virtually unscathed. Some individual organizations were at risk, but those were branches of major international companies the IT-systems of which are controlled by their parent companies.

Estonian organizations were unaffected, which means our efforts at prevention have been successful. People are aware. The State Information System’s Authority (RIA) has done great work, while private sector specialists also pursue close cooperation. Estonia is quite good at defending itself in cyber matters.

A serious crisis will not only test how quickly our units are armed but also our vital services. How well defended are they?

We passed a law designating 42 vital services that need to be defended both physically and in cyberspace back in 2009. We have been working on defending these vital objects for ten years. We have crisis-time plans for defending them and pursue constant cooperation with relevant service providers. It is the responsibility of RIA.

Telecommunications operators are obligated to maintain certain networks even in case of force majeure or a major crisis.

We consider ourselves to be a cyber fortress in global comparison, while major countries, like the United States of America for example, have much greater resources. Can we compare ourselves to major world powers in the cyber domain?

Talking about defense, then yes, we are a fortress. A small country is easier to defend than America. Major countries have massive cyberattack programs that require a lot of people and technical capacity.

It is clear that USA, Russia and China have far greater capacity than any European country. Even though some European countries may be very good at it, they are still smaller.

Estonia is very well equipped to defend itself and has a voice on the strategic level. Technical capacity alone, without seeing the strategic big picture, does not serve the right goal. Someone must put two and two together.

Talking about military defense or attack plans, cyberspace is key in all domains. We cannot rely on great technical capacity to get things done without strategic thinking.

Estonia’s peculiarity is that because we are such a small system, we have tested all possible models and reached a point many other countries haven’t in terms of strategic thinking. Our small size makes it possible for us to quickly take steps that would take others years.

Military capacity is easier to measure than things in cyberspace: there are fixed sums that can buy a fixed amount of equipment. If in the field of military defense, we would like to have medium-range anti-aircraft capacity, what would be our medium-range AA in the cyber domain? What are our aspirations?

Training. Training, exercises and tests are the most important aspects in cyberspace. Machines, computers and technology in general is not all that expensive, but we need to be able to keep the good people we have.

We have them today and must do everything in our power to keep them in the public sector. Even if they work in the private sector, they must still be tied to national defense through the cyberdefense league. That is our priority.

Of course, technical capacity must be increased at one point as we need to stay with the times, and things are developing rapidly in the field of cyberattack capacity.

How far are we in terms of the right to counter cyberattacks?

Talking about cyberoperations that fall short of armed conflict, international law states countermeasures are allowed if the country has suffered damage. These measures need to be proportional and in accordance with international law.

It has not been provided that a response to cyberactivity needs to be contained to the cyber domain. Other types of reactions are also possible, like sanctions for example.

It is very difficult to respond to cyberattacks that fall short of the level or armed conflict in a way that would manage to deter their organizers. Sanctions provide a good opportunity for a proportional response as they send a strong signal and are more than a statement. Being banned from entering the Schengen area is quite a potent sanction.

The exact deterrence effect depends on the assailant and their calculations. Statements might have an effect on countries that do not want to lose face, while they do not work on others.

Estonia’s case is simple as we usually have a single country to worry about. Major European countries also worry about China.

Russia deploys denial in conventional warfare. How to hold them accountable in much more complicated cyberspace?

We have made attempts. We started with the NotPetya attack. A group of likeminded countries, including Estonia, led by the US and the UK, ascribed to Russia the most serious global attack yet that was initially aimed against targets in the Ukraine but quickly went global.

We ascribed to Russia a number of other operations in October. Also in connection with four OPCW agents who sought to conduct a cyberoperation in the Hague but were arrested.

You need to start somewhere, and we have started with publication.

Looking at the Kerch Strait incident, did you notice a spike in attacks against Ukraine before or after the events?

Ukraine has constantly been a target, and new methods are tested there all the time. To what extent the group behind cyberattacks is associated with other groups has not been convincingly proven. We have tried to help Ukraine; for example, by helping them secure elections.

A delegation from RIA is in Ukraine this week to attend an event to teach the country’s central electoral committee adopt basic cybersecurity measures. We all have a lot to learn from what is going on in Ukrainian cyberspace.

Read more news of Tallinn on our site.
If you notice an error, highlight the text you want and press Ctrl + Enter to report it to the editor
I recommend
No recommendations yet


Post your comment to communicate and discuss this article.

Chairman of the Estonian Chamber of Commerce and Industry and one of the owners of construction group Nordecon, Toomas Luman, finds that a prime ministerial candidate should first and foremost be able to answer the question of what will become of the demographic crisis in Estonia. The businessman sees controlled introduction of foreign labor as the solution. A digital construction cluster was created in Estonia a few years back to bring innovation to the s...
Last year saw 27,125 registered offenses, up 0.5 percent from the year before. Violent crime was up by 12 percent to 8,249 offenses. PHOTO: Dominic Lipinski / PA Wire / Press Association Images / Scanpix Growth was biggest for domestic violence – the police launched criminal proceedings in 3,607 cases that constitutes an increase of more than one-third – annual growth of 37 percent from 2,632 cases in 2017. At the same time, reports of domestic violence we...
TALLINN - Ahead of the withdrawal of the United Kingdom from the European Union, tens of thousands of British citizens have chosen the citizenship of some other country, but only one Brit has recently chosen an Estonian citizenship. Spokespeople for the Ministry of the Interior told BNS that only one British citizen submitted an application for Estonian citizenship last year and the applicant was also granted the citizenship. Before that, no Brits had soug...
TALLINN - Experts from Finland, Denmark, Norway and the Netherlands highlighted the importance of decentralization and granting local governments greater decision-making powers at a conference titled "Strong local government -- strong state?" in Tallinn on Wednesday.  All Nordic countries have chosen a model granting local governments significant decision-making powers, thus the central government does not prescribe how local governments are to fulfill the...
The language learning application Drops by game developer Planb Labs, established in Estonia by Hungarian founders, was named Google Play's best app of 2018. With the number of downloads surpassing 10 million, Drops was named Google's app of the year as the revenue of Planb Labs, a company registered in Estonia, increased fivefold, CNBC said. The developer's revenue grew from €335,000 in 2017 to €1.7 million in 2018. The company's shareholders include Hung...
TALLINN - The Estonian Health Board has banned the distribution of chlorine dioxide, also marketed as the Miracle Mineral Supplement (MMS), the A-component of an unused product, meaning the sodium chlorite solution, must be taken to a hazardous waste collection facility. Ester Opik, head of the Health Board's North regional department, said that the banning of the distribution of the product was caused by the fact that MMS, distributed as a cosmetics produ...
Nature cannot abide a vacancy, as the saying goes. If just one year ago, Estonia was battling the sale of MMS and the practice of giving it to children, a new “miracle cure” called Advanced TRS has appeared on the market now. Even though the make-up of the substance is different, the promise to cure autism and cleanse the body of heavy metals, which kind of extreme detox is accompanied by severe side-effects, sounds all too familiar. TRS is recommended to...
Allied NATO battalions will soon mark two years serving in the Baltics. They have worked better than expected but would need prepositioned heavy weaponry and a functional contingency plan in case of a crisis, a report by the International Center for Defense and Security (ICDS) finds. “We do not know how Russia would have acted had we not welcomed allies in Estonia, Latvia, Lithuania and Poland in 2017. I’m afraid they would have tested our resolve,” one of...
The time of filing income tax returns is nearly upon us. The new income tax system, in effect since last year, will obligate many women who went on maternity leave toward the end of the year to make additional income tax payments, while those who give birth in the middle or at the beginning of the year have no such obligation. What this means is that some women will owe the state simply for giving birth “at the wrong time”. Laura Roop, who went on maternit...