Major cyber security conference in Estonia
Experts from around the world stressed the importance of enhancing cyber security.TALLINN – Security experts from around the world have gathered in Tallinn for the third international high-level conference on cyber security that called attention to the need for countries to invest more in protecting their internet space.
The conference, organized by the NATO-accredited Cooperative Cyber Defence Centre of Excellence, saw experts from nearly 40 countries discuss the latest issues in fending off both individual hackers and state-sponsored cyber attacks.
Estonian President, Mr. Toomas Hendrik Ilves opened conference . In his opening speech, president Ilves among other issues touched upon the asymmetry of cyber threats.
According to President Ilves there have already been cases of actual or prevented aggression against nation-states carried out in cyberspace: “Were they to have been carried out with kinetic weapons, we in NATO would be faced minimally with an Article 4 and most likely with an Article 5 scenario.”
However, as President Ilves said, “we have no conception of how to define aggression in cyberspace or redefine it for cyberspace; we lack clear attribution to any political entity; we lack a response doctrine to apply were we to know who committed the aggression; and we have not dealt with the possibility of asymmetry, i.e., what if an effectively military action was perpetrated in its entirety by a small group of unknown hackers.”
“This means that even before we can talk about the hardware and software side of cyber defence and cyber warfare, we have to develop a conceptual consensus.”
Speaking of computerisation and internetisation, President Ilves said that since our critical infrastructure, our electricity grids and transportation and mobile phone networks are so enmeshed with and tied to the internet – any open society is vulnerable. “As much of our critical infrastructure is also transnational – we require a transnational approach. We need to make our transnational computer-dependent critical infrastructure resilient, that is to say, if not impervious then at least maximally shielded from the dangers of an attack,” President Ilves stressed.
NATO governments and the public must wake up to the threat of cyberattacks, which could paralyse a nation far more easily than conventional warfare, experts warned.
Guest Speaker Melissa Hathaway, a former US cyber tsar, “Cybercrime and cyberespionage are topics that can’t be ignored,” said. “Key infrastructure, including power stations, have become vulnerable due to their dependence on Internet connections,” “There is no national security in the modern world without economic security, and both companies and private citizens should also realise the depth of the problem,”.
Charlie Miller — a security expert who launches test assaults on IT systems — underlined that cyberwar is far easier than a conventional attack. “It would take two years and cost less than 50 million dollars a year to prepare a cyberattack that could paralyse the United States,” Miller warned. Such an attack could involve fewer than 600 hackers, he added.
Despite Estonia’s experience, people elsewhere have not woken up, said British defence ministry expert Gloria Craig. “It’s still hard to convince the public that a cyberattack is an attack, when people don’t see a smoking gun,” Craig said. “As of now NATO is not prepared for a global cyberattack,” she added.
US specialist Bruce Schneier, however, said the current threat should not be overplayed. “Building tanks does not mean you fear you could be overrun by a military force right now. It pays to build tanks and it pays to prepare for cyberwar, but I don’t believe that’s a fear we should worry about right now,” Schneier said.
“It’s very easy to invent scare scenarios but this does not mean we should actually be scared by them,” he said.
from (c) 2010 AFP, NATO, Oskars Magone
CCDCOE, officially the Cooperative Cyber Defence Centre of Excellence (Estonian: K5 or Küberkaitse Kompetentsikeskus) is one of NATO Centres of Excellence, located in Tallinn, Estonia.
The Cyber Defense Center in Tallinn is one of 13 accredited  Centres of Excellence (COEs), for training on technically sophisticated aspects of NATO operations. It is being funded nationally and multi-nationally as these centers are closely linked with Allied Command Transformation and promote the alliance-approved transformation goals.
The main agenda of the facility is to:
- improve cyber defence interoperability within the NATO Network Enabled Capability (NNEC) environment,
- design the doctrine and concept development and their validation,
- enhance information security and cyber defence education, awareness, and training,
- provide cyber defence support for experimentation (including on-site) for experimentation,
analyzing the legal aspects of cyber defence.
The centre has also other responsibilities which include:
- contribution to development of Cyber Defense Center practices and standards with NATO, PfP, NATO candidates and non-NATO nations,
- contribution to development of NATO security policies related to cyber defence its definition of scope and responsibility of military in cyber defence,
- conduction of the cyber defence focused training, awareness campaigns, workshops, and courses,
- developing and conducting cyber defence focused exercises and its ability to provide CD exercise support,
- providing cyber defence SMEs to NATO and its ability in cyber defence testing and validating.
The Centre received full accreditation by NATO and attained the status of International Military Organisation on the 28th of October, 2008.
The CCD COE is open to all NATO nations. In addition, CCD COE can establish cooperative relations with non-NATO nations, universities, research institutions, and businesses as Contributing Participants.
The Centre conducts research and training on cyber security and includes a staff of approximately 30 persons.There are currently 8 countries involved within the centre: Estonia, Germany, Italy, Latvia, Lithuania, Slovakia, Spain, United States