Cyber Security

The Many Variants of Russian Cyber Espionage

Last week, the IT security firm Trend Micro shined a light on yet another case of alleged Russian cyber espionage as part of a report on Operation Pawn Storm. This report was just the most recent in a series of research papers by companies all over the world dating back to 2007 detailing the tools, techniques, and targets of cyber threat actors with reported connections to Russia.

Read more

Cyber Threat Profile – The Dukes

Governments rarely provide concrete details about the nature of the cyber threats that they face. That is why the Estonian Internal Security Service’s identification of CosmicDuke as one of the “advanced, persistent threats” (APTs) that affected Estonia’s national security in 2014 was particularly relevant and intriguing. Last week’s discovery of SeaDuke, which exhibits several similarities to CosmicDuke, provides further motivation for taking a closer look at the cyber threat posed by the Duke malware family and the actor(s) behind it.

Read more

Sensitive Personal Data as a National Security Risk

The director general of the Estonian State Information System Authority (RIA) recently said Estonia was very vulnerable to cyber attacks because of the country’s heavy reliance on e-services. The official, Taimar Peterkop, said that the greatest threat for ordinary computer users was cyber criminals, while the state was most at risk from cyber espionage. Indeed, the world has plenty of examples of, as Peterkop put it, “state secrets being stolen by very simple means.”

Read more

CyCon Day 2 & 3: Militarization of Cyberspace?

Heads of state of NATO allies declared in Wales in 2014 that cyber threats had reached the level of being able to threaten Euro-Atlantic security and cyber attacks could trigger a collective defence response. This sent a powerful message to the rest of the world. Among other things, it also poured fuel on the fire of the rhetoric that states, and especially their security services, are undermining the liberating, progressive qualities of cyberspace and turning it into an arena for competition, coercion and conflict both technically and conceptually.

Read more

CyCon Day 1: Focus on Resilience

Cyber conflict is going on all around us, all of the time. The smartphone in your pocket can be compromised to become part of a botnet (robot network) that is used to overwhelm the servers of financial companies.

Read more

“The Limits of Order”: What Role for Offensive Cyber?

Targeted cyber strikes are faster, cleaner, cheaper, less risky, and more stealthy than conventional military and intelligence operations. Who can conduct such technologically advanced attacks? What are the targets? Is there a legal framework for using them, and how significantly do they really affect the larger debates on regional and global peace and security? What are the parallels that can be drawn to other fields, such as nuclear proliferation? These and many other questions provided the context for conversations between cyber security analysts and policymakers at this year’s 9th annual Lennart Meri Conference (LMC) held in Tallinn, Estonia on 24-26 April and entitled “The Limits of Order.”

Read more

The Challenges of Hybrid Warfare

Russia’s invasion of Ukraine has sparked a rethinking of traditional geopolitical norms and warfare tactics. For this reason, ICDS convened a panel of experts to shed light on recent developments and in particular, Russian use of hybrid warfare. This report is largely drawn from discussions with those experts.

Read more

The State of Estonia’s Cyber Security in 2014

The computer networks of ministries and agencies are being probed for vulnerabilities by foreign security agencies. Cyber criminals are spreading malware that encrypts your files and holds them for ransom. The complexity of the Estonian language is no longer a high enough barrier to prevent effective phishing. Irregularly monitored websites are being breached and loaded with malware. If you didn’t think cyber security affected every individual and every institution, think again.

Read more