Republic of Estonia. Location of Estonia Estonian counties There are fifteen counties in Estonia.
Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government...
Transcript of Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government...
![Page 1: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/1.jpg)
Estonia: Protecting the Information Society
Jaan Priisalu
Director General
![Page 2: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/2.jpg)
Context • 100% of schools connected to the internet • 97% of businesses use the internet • 76% of households • Free wifi • 3G, 4G
![Page 3: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/3.jpg)
Key figures
• 99% bank transactions • 94% tax declarations • Electronic vote since 2005 • 66% participated in online census • Digital prescriptions • E-School • Digital police • No paper in government
![Page 4: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/4.jpg)
Pillar #1 Digital Identity
• Created in 2002 • 1 191 500 ID cards • 100 000 000 signatures in 2012 • M-ID
![Page 5: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/5.jpg)
• Environment for data exchange • Secure and standardized • Structured data exchange • Protection of personal data • Cloud-ready
Pillar #2: X-road
![Page 6: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/6.jpg)
Architectural schema
![Page 7: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/7.jpg)
X-road transactions by service provider
![Page 8: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/8.jpg)
8
![Page 9: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/9.jpg)
![Page 10: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/10.jpg)
Critical infrastructure dependency on IT
95% have a dependency
30% have a critical dependency
10% have no low-tech fall-back
Not including cascading effects
![Page 11: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/11.jpg)
Triangle of Critical Infrastructure
Energy
Communications Data
![Page 12: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/12.jpg)
Baltic sea interdependency
![Page 13: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/13.jpg)
Cybersecurity
Supervision
Incident resolution,
analysis
Rules and regulations
et règlements
![Page 14: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/14.jpg)
Layered defence
Individual – hygiene
Community – trust
Organization – processes
Society as whole (countries, EU)
![Page 15: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/15.jpg)
Conclusion
• Cyber security is well organized
• Everyday monitoring
• Government communication networks
www.e-stonia.com
![Page 17: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/17.jpg)
Additional slides
![Page 18: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/18.jpg)
Types of attacks
![Page 19: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/19.jpg)
Spectrum of actors
![Page 20: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/20.jpg)
Threat environment in cyberspace
• No clear dividing line between criminal or terrorist activity and strategic attack
• Cyber attack is low-cost, technologically available, asymmetric, crosses borders
• No attribution for attacks, many 3rd parties
• Civilian critical infrastructure and private sector most vulnerable
• Not a “new threat”, but “new vulnerability”
• Policy goal: extend rule of law and stability into a chaotic domain
No Cyber War (?)
![Page 21: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/21.jpg)
2007 attacks
• DDoS attacks against government services, news portals and banks
• Service disruptions in Estonia ca 1,5h, longer abroad
• Peak traffic exceeded avg by several hundred times
• Attacks carried out in waves, precise timing. Use of botnets • Cyber attacks were just one method used in the larger
political campaign together with other methods (economic sanctions, political pressure)
• Difficulties with verifiable attribution
![Page 22: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/22.jpg)
Estonia’s whole-of-country response
Legislation and regulations up to date National Cybersecurity Council provides cabinet-level and inter-
agency coordination Public-private partnerships with private sector companies, civil
society, individuals Private-private partnerships Contribute internationally
![Page 23: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/23.jpg)
Legislation
National Cyber Security Strategy of 2008 Creation of a cabinet-level National Cyber Security Council
Restructuring of the Estonian Informatics Centre for critical civilian information infrastructure protection and monitoring the country’s cyber space
Emergency Act of 2009 Cyber attacks can constitute a national emergency
Re-definition of critical services and coordinating agencies in light of lessons learned
Compulsory baseline IT security standards for the public sector
Creation of the Cyber Defence League
National Cyber Security strategy 2013
![Page 24: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/24.jpg)
Government
National Security Council
National Cyber Security Council
Private sector stakeholders
Ministry of Economic Affairs
and Communications MoD Ministry of
Interior Affairs
Ministry of Justice
Ministry of Finance
MFA Ministry
of Science & Education
Information security network: CISO-s of critical companies and state agencies which provide or oversee critical services
National organization
EISA
![Page 25: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/25.jpg)
CIIP operational setup in Government
EISA
All Gov networks
CIIP security measures for vital service providers
Regulatory authority over vital service providers and public sector
CERT
Information Board
Protection of Classified networks
Intelligence
Security Police
Counter terrorism
Counter Intelligence
Criminal investigations
![Page 26: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/26.jpg)
Individual citizens, awareness and education
• Graduate and BA programs, modules
• R&D funding
• Primary and secondary education curricula
PPP
• CIIP Council
• Update of Security Regulations, Recommendations and Best Practices
• IT security community (Key Vital Service Providers and Government )hosted by national CERT – 24/7 comm lines, regular meetings etc.
International Organizations
CCD CoE
EU IT Agency
Not just government
![Page 27: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/27.jpg)
![Page 28: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/28.jpg)
Cybersecurity… as an international problem
![Page 29: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/29.jpg)
International cybersecurity
• NATO
• Council of Europe
• Police cooperation
• UN, ITU, OSCE
• Bilateral and minilateral
![Page 30: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/30.jpg)
European Union
31
![Page 31: Estonia: Protecting the Information Society · 2007 attacks • DDoS attacks against government services, news portals and banks • Service disruptions in Estonia ca 1,5h, longer](https://reader034.fdocuments.net/reader034/viewer/2022050515/5f9f34f47e5f36006c205359/html5/thumbnails/31.jpg)
Cabinet and Multinational Exercises
• Cyber Fever:Table-top exercise was organized by Cyber Defence League January 30-31
Multinational exercises
EU Cyber Europe 2010 & 2012
EU EuroSOPex 2011
EU-US Cyber Atlantic 2011
NATO Cyber Coalition 2010-2013
NATO CCD CoE Locked Shields 2012, 2013