Estonian Cyber Security Council discusses strengthening of cyber defense in context of war

  • 2022-03-25
  • BNS/TBT Staff

TALLINN - At the invitation of Estonian Minister of Entrepreneurship and IT Andres Sutt, the Cyber Security Council convened an extraordinary meeting to discuss how to strengthen Estonia's cyber defense in the context of Russia's invasion of Ukraine.

The Cyber Security Council meeting focused on the changed security threat and activities of various areas of government that help increase the state's cyber security level, spokespeople for the Ministry of Economic Affairs and Communications said on Friday.

Sutt said at the meeting that while there is no direct military threat against Estonia, in addition to conventional warfare in Ukraine, there are also very active hostilities being conducted in the Ukrainian and Russian cyber spaces, which also affects the threat assessment for the Estonian cyber space.

"It is important to see that Russia's military attack on Ukraine has stalled and every tank and aircraft lost further reduces Russia's military capability. However, it doesn't affect Russia's capability to conduct attacks in the cyber space and, therefore, it is important that Estonia's cyber defense should also match the threat level," Sutt said. 

The minister added that there has not been an excessive growth in the number of cyber attacks and incidents, however, due to there being no advance warning in the cyber space, the situation can change in an instant and the state must be ready for it.

Gert Auvaart, deputy director general of Estonian Information System Authority (RIA), said that the authority has been in heightened readiness for weeks and the cyber incident response department (CERT-EE) at RIA is monitoring the cyber space around the clock.

"We've directed additional manpower to detecting vulnerabilities in businesses and agencies and informing them about it so that they can patch up their IT systems before an attacker takes advantage of it. However, I want to stress that RIA cannot do that for everyone and it is the responsibility of every business and agency to keep their systems in order," Auvaart said.

Oliver Gailan, head of the communications department at the Estonian Consumer Protection and Technical Regulatory Authority (TTJA), gave an overview at the meeting of restrictions on media outlets.

"To date, in cooperation between entrepreneurs and public bodies, access to close to 40 TV channels the content of which incites to hatred and violence or offenses and which are subject to EU sanctions has been restricted. By doing that, we've managed to protect a large portion of our information space but at the same time we should keep in mind that in today's society, not all information channels can fully be shut down," Gailan said, adding that the TTJA continues monitoring the Estonian media space.

An overview was also given at the meeting of Estonia's urgent needs in terms of improving its cyber security capability.

"Already before the war in Ukraine, we started mapping out areas of government to detect shortcomings in our capabilities and improve Estonia's cyber security. We've put the most critical activities in place and their financing decisions will be made next week as part of the supplementary budget talks," Sutt said.

At the end of the meeting, the minister commended all the institutions and companies that have so far maintained and updated their systems in a timely and correct manner, and shared the necessary information with the Ministry of Economic Affairs and Communications, TTJA and RIA. "Special thanks also to communications companies for being a good partner in restricting the channels that incite to hatred," Sutt concluded.