TALLINN - In 2007, when hackers attacked and defaced Estonian Web sites, U.S. and EU leaders fell over themselves delivering lofty rhetoric on defending the little nation against the new Evil Empire. Less commonly known is that an Estonian has since been indicted for participation in a massive identity-theft cyber attack against the United States.
An international crime ring of 11 people has been smashed after one of the most complex investigations the U.S. Secret Service has ever conducted.
It's the stuff of superhero comic books. The Secret Service claims that the group gained access to 40 million credit card numbers and stole millions of dollars. Members of the group were American, Ukrainian, Russian, Chinese, Belarusian and Estonian, the Secret Service said.
The Estonian, Aleksandr Suvorov, was useful for his technical expertise, a product of an education system that has been encouraging young people to go into IT for years. Suvorov used this skill to get information on credit cards, which he then sold, prosecutors in the United States say.
The Chinese added the stolen information to magnetic strips on blank cards so they could buy expensive electronics and other very high-value products and use ATMs to withdraw cash. They operated on the so-called "dark market," spending millions of dollars from the stolen cards.
Secret services around the world are less worried by political motives than by the profit motive.
"We're seeing Internet venues that are completely dedicated to criminal activity, financial data that's absolutely freely available at the Internet," said Tim Boerner of the U.S. Secret Service.
"Back in the day when I used to work for DEA, [drug enforcement agency] and FBI ... it was physical stuff. Today it's all cyber, so ... it's Internet mafia who is organizing games and we know how much money they can get," Boerner said.
Cyberspace has no limits and recognizes no borders, but officials around the world are going to great lengths to regulate it.
Much is at risk: research and development information, national security secrets and cold hard cash for the criminal underworld.
This September, the Estonian-American Chamber of Commerce held a forum on cyber defense. The event was organized by the Computer Technology Industry Association, or CompTIA, and it pointed out some interesting dilemmas posed by digital security.
"We expect to have a secure and trustworthy Internet, but at the same time we need to ensure some of our fundamental rights, like the right to privacy and freedom of speech," said Costas Andropolous, a senior official at the Directorate General of Enterprise and Industry of the European Commission.
When the Internet bubble burst in 2001 there was less demand for IT people, the popularity of IT studies decreased in other parts of Europe.
"There were some alarming studies that warned us that very soon we will have a gap in the European Union for approximately half a million qualified ICT specialists," said Andropolous.
Cyber attacks are also a potent strategic weapon especially against smaller countries.
Russian authorities have consistently denied that they were behind attacks on Estonia but there seems little doubt that they were behind the cyber attacks on Georgia.
Cyber attacks on Georgia began a day before the actual invasion. On Aug. 9 Georgia's largest bank was attacked and all electronic banking was stopped. The attack was sophisticated 's hackers broke into the information site of the bank and started to change currency rates, devaluing the Georgian currency. According to the bank's system administrator, they have retooled the system and should be able to resist new cyber attacks.
Also targeted were the Web sites of the Georgian president and other governmental bodies. The aim of the attackers was to shut down all Georgian news sites, and for the first two days of the war, Russia was the world's sole source of information on the situation in Georgia.
"The way Moscow has used cyber attacks has warned us on that new situation," said former Estonian prime minister Mart Laar.
"If anyone thought that cyber attacks against Estonia is something new [or] extraordinary, then the cyber war in Georgia demonstrated clearly [that this] is not so," Laar said.
According to Georgian Internet service providers attacks' also affected smaller companies. Information collected later suggests that the damage may have been greater than estimated.
The Estonian Foreign Ministry sent two of its leading cyber-defense experts to Tbilisi to help stave off cyber-attacks.
The experts were part of the new NATO cyber-defense center established in Tallinn, and the move would was one of the strongest instances so far of NATO lending practical support to Georgia
Estonia helped out Georgia in other ways. According to IT industry website Network World, Estonian servers are now hosting the website of the Georgian Foreign Ministry, whose daily blog has become a key source of information in the propaganda war with Russia.
"For Russia to respond in any way to cyber defense experts being sent to Georgia it would have to acknowledge that it was directly supportive of, if not responsible for, the current attacks against Georgia's cyber assets. Whether or not Russia reacts on the diplomatic front this cyber war has the potential of escalating rapidly if Estonia gets involved," IT security specialist Richard Stiennon said, commenting on the move to Network World.
Comments posted on websites were fully supportive of the Estonian position, ranging from "Go Estonia!" to "Kudos to Estonia for sending those cyber security advisors to Georgia." Another post warned: "Russians in some of the forums are taking notice of this IP change also, let's see the outcome."
And Georgia and Estonia have not been the only victims. In June 2008, after a controversial ban of Soviet symbols, Lithuania fell victim to cyber attacks in which hackers from unknown locations infiltrated more than 300 Lithuanian Web sites and posted Soviet symbols and spiteful messages in Russian. Victims included both private and public companies.
Heli Tiirmaa-Klaar of the Estonian Ministry of Defense said many specialists from the United States and other countries are taking the wrong approach to dealing with the threats.
"They looked at these cyber attacks as if they were a technical thing and missed the larger political context," Tiirmaa-Klaar said.
In 2007 the European Commission was able to look far into the future for the first time and started to count on the human factor. Until that time the commission assumed the attacks take place on a certain time or in a certain place
"If I were an American hacker and I wanted to hack an American bank, I would route my traffic through at least three countries in which poor law and cooperation exist, and then the odds turn dramatically better," said Geers.
