Following the massive cyberattacks against the Baltic country of Estonia in April, NATO on Thursday asserted that cyberdefense must now be a priority among member nations.
Several defense ministers, including Estonia’s, raised the issue during a meeting at NATO headquarters in Brussels, Belgium, and all 26 alliance members agreed that a new focus on cyberdefense was critical to protect against similar attacks in the future.
“There was sentiment around the table that urgent work is needed to enhance the ability to protect information systems of critical importance to the Alliance against cyberattacks,” NATO spokesperson James Appathurai said. “Therefore, that will be, I am sure, a subject of work here within NATO starting tomorrow or maybe Monday.”
Attack on Estonia
Roughly a million computers worldwide were used to conduct the denial-of-service attacks on Estonian government and corporate Web sites, swamping them with so much traffic they were forced to shut down.
The attacks began on April 27, the day Estonia enraged Russia by removing a Soviet-era war memorial from its capital city of Tallinn. The Estonian government traced much of the attacking traffic to Russian computers, it said, but the Russian government has denied involvement.
After the attacks had gone on for about three weeks, NATO sent an official to investigate.
What Is War?
The attacks “were sustained; they were coordinated; they were focused; they were against a public information infrastructure of Estonia,” Appathurai said. “They had clear national security and economic implications for Estonia.”
Indeed, the attacks on Estonia have led to new discussions about whether such cyberwarfare should be considered in the same category as traditional warfare, and, if so, what the response should be. Now that the topic has gained NATO’s official attention, it will also undoubtedly spur increased conversation about what, exactly, should be done in the way of prevention.
“I’m surprised it took so long to get to this level,” Johannes Ullrich, chief technology officer at the SANS (SysAdmin, Audit, Networking and Security) Institute, told TechNewsWorld.
Although the U.S. military has been working for years to secure its cyber infrastructure, “China has launched some successful attacks against U.S. military computers,” Ullrich said.
Most of those attacks were aimed at gathering intelligence, he said, but “once they can penetrate a network, shutting the system down is actually easier than getting in.”
The military’s heavy reliance on its technology infrastructure for communications makes it extremely vulnerable, he said: “If you can shut down the cyberinfrastructure that controls the logistics, you can essentially leave the troops stranded out in the field without supplies.”
Learning to Share
Nevertheless, private companies are subject to cyberattacks “all the time,” Ullrich pointed out, and Internet service providers and other vendors have long been working on solutions to the problem.
One of the most important things for preventing such attacks will be the exchange of information, Ullrich stressed. “We need cooperation between government and the private sector, and between countries,” he said. “If one country gets attacked, it may be able to alert others who may not have even detected an intrusion yet.”
Cybersecurity expert and lawyer Parry Aftab agreed. “We really need to do so much more in the way of collaboration,” she said.
“What we need to do is pull experts together into a room and determine what we need to do, what it will take, and who needs to be involved,” Aftab told TechNewsWorld. “We have unbelievable talent in this area–now it’s time to start deploying it.”