Homeland Security Watch

News and analysis of critical issues in homeland security

January 20, 2011

Lessons from Estonia’s Cyber Army

Filed under: Cybersecurity,Preparedness and Response — by Arnold Bogis on January 20, 2011

Dr. Who fans, don’t get excited.  Estonia is not creating an army of Cybermen.

Instead, as reported by NPR,  it has created an all volunteer force of programmers and computer scientists that would be mobilized to defend the country during a cyberwar.

The responsibility would fall to a force of programmers, computer scientists and software engineers who make up a Cyber Defense League, a volunteer organization that in wartime would function under a unified military command.

“[Our] league brings together specialists in cyberdefense who work in the private sector as well as in different government agencies,” Defense Minister Jaak Aaviksoo says. The force carries out regular weekend exercises, Aaviksoo says, “to prepare for possible cyber contingencies.”

For a nation as dependent on the internet for everyday life as Estonia, the fear of cyber attack is strong. The risk was made vivid following the 2007 assault on many of the country’s networks.  So strong, in fact, that there is serious consideration given to instituting a cyber draft:

The sense of cyber vulnerability in Estonia has been a key rallying point for the Cyber Defense League. No democratic country in the world has a comparable force, with computer specialists ready and willing to put themselves under a single paramilitary command to defend the country’s cyber infrastructure.

Aaviksoo says it’s so important for Estonia to have a skilled cyber army that the authorities there may even institute a draft to make sure every cyber expert in the country is available in a true national emergency.

There seems to be some obvious lessons for U.S. cyber efforts, but cultural difference may present too large of a firewall…

In the United States, most top cybersecurity experts work in the private sector and are not available for government duty, even in times of an emergency. Stewart Baker, who tried to coordinate cyberdefense efforts at the Department of Homeland Security under President George W. Bush, says a Cyber Defense League like Estonia has would have been helpful.

But Baker, a former general counsel at the National Security Agency, says it’s been hard in the United States to promote public-private collaboration in cybersecurity.

“The people who work in IT in the U.S. tend to be quite suspicious of government,” Baker says. “Maybe they think that they’re so much smarter than governments that they’ll be able to handle an attack on their own. But there’s a standoffishness that makes it much harder to have that kind of easy confidence that you can call on people in an emergency and that they’ll be respond.”

Potential lessons learned for U.S. homeland security are not limited to the cyber arena.

The unit is but one division of Estonia’s Total Defense League, an all-volunteer paramilitary force dedicated to maintaining the country’s security and preserving its independence.

Aaviksoo says Estonian civilians are willing to be mobilized to defend their country because of their experience of invasion and occupation: by the Soviet Army in 1939, followed by the Germans in 1941 and then again by the Soviet Union, which occupied Estonia until it broke free in 1991.

“Insurgent activity against an occupying force sits deep in the Estonian understanding of fighting back,” Aaviksoo says, “and I think that builds the foundation for understanding total defense in the case of Estonia.”

While a paramilitary force is not required in the U.S. to preserve our independence, the Estonian Total Defense League could be a model for increasing citizen resilience, in particular active participation in prevention, mitigation, preparedness, response, and recovery activities.  A Total Resilience League?

CERT is a good, if underfunded and underdeveloped, first start in this direction. The next step should be a concentrated effort to engage those outside of traditional homeland security communities with relevant expertise or experience to participate in resilience-building activities.  For example, veterinarians as well as anyone else with a modicum of medical training should be excepted as providers/responders during any catastrophe that overwhelms traditional response organizations (thus helping to create community medical resiliency).  Unfortunately, I fear that ingrained attitudes found within those organizations, concerning behavior of the public in general and volunteers in particular during events of all sizes, will be a major impediment.  But we can always hope.

Share and Enjoy:
  • Digg
  • Reddit
  • Facebook
  • Yahoo! Buzz
  • Google Bookmarks
  • email
  • Print
  • LinkedIn


Comment by William R. Cumming

January 20, 2011 @ 1:46 am

Very interesting post! Estonians having suffered a major attack are correct in their concerns. Modern society can no longer operate without the Internet. Should solar flares or EMP attacks or other nation-state directed attacks, or non-state actor attacks succeed then like the Iranians with the STUXNET attack regrets without any capability to defend or restore service will soon bring any portion of the world’s economy to a halt. I think the real reason behind the disarray is generational. Most of my generation have no idea of how dependency on the Internet and computers that operate has grown. Despite the fact that many are totally at a lost when their hard drive fails and no external backup of data.
Estonia has also recently changed its requirements for becoming a citizen. Perhaps agreeing to be part of the self-defense force should be a new critieria and the skills to go with it.

Comment by Dan O'Connor

January 20, 2011 @ 9:04 am

With two recent articles indicating STUXNET was a collaborative effort between the US and Israel to thwart or slow the Iranian nuclear program, we may be passed broaching the membrane of cyber war. In my opinion, it would be prudent to brush off articles and thoughts of John Arquilla.

To Bill’s point; most of the populace is ignorant, by definition of our dependence on the internet and have a diminishing functionality without that connectivity. Our growing complexity makes us more vulnerable, in my opinion.

Perhaps our sophistication is our demise. There’s a fine line between utter madness and peculiar genius.

Unibomber Ted Kaczynski’s manifesto called for a worldwide revolution against the effects of modern society’s “industrial-technological system”. If someone like Kaczynski has more cyber ambition, global motivation and/or alignment with a Nation State or even terrorist group to interrupt technology, we’d feel their effect.

With regard to effect; the primary mission of a sniper in combat is to support combat operations by delivering precise long-range fire on selected targets. By this, the sniper creates casualties among enemy troops, slows enemy movement, harasses, and demoralizes soldiers, thereby frightening them from unseen and large distance. This adds to friction to the battle space. So, the metaphor of counter cyber sniper in terms of detecting, engaging, and eliminating cyber snipers is apparent.

The citizen counter cyber sniper may be the emergent requirement. Our over reliance on technology, global interconnectivity, and virtual lives and activity requires a more resilient, nimble, and adaptive frame work. Perhaps the Estonian model has even more merit than meets the eye.

Comment by William R. Cumming

January 20, 2011 @ 10:59 am

I like Dan’s Sniper aphorism.

By the way–BTW–has Wikileaks impacted Homeland Security in any way–postively or adversley? What cyber security changes look likely because of WIKILEAKS?

After all Cyber Security is one of the principle reasons DHS was created, was it not?

Pingback by Tweets that mention Homeland Security Watch » Lessons from Estonia’s Cyber Army -- Topsy.com

January 21, 2011 @ 1:09 pm

[…] This post was mentioned on Twitter by Bob Connors, Belfer Center. Belfer Center said: Belfer Center Fellow Arnold Bogis: Lessons from Estonia’s #Cyber Army http://bit.ly/dKnsK3 […]

RSS feed for comments on this post. TrackBack URI

Leave a comment

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>