By Geoff Fein
Nations defending against cyber attacks need the ability to respond in lightning speed, as well as an understanding of who has the authority within the government to make critical, timely decisions against a cyber assault, according to a former Estonian defense official.
For several weeks in spring 2007, Estonia was hit with a flurry of cyber attacks that took down government websites as well as those of the financial, business and media sectors.
Earlier this month at the inaugural Asia Pacific Defence Forum in Singapore, Laurie Almann, former permanent under secretary of the Estonian Ministry of Defence (MoD), told attendees at the two-day gathering that there are still important lessons to be learned from the cyber attacks on his country.
“The wake-up call that started ringing two and a half years ago is still ringing, and I guess my job was to make sure nobody hits the snooze button,” he said during a teleconference call with reporters on the final day of the forum.
“We still have to figure out what is the optimal time frame for making decisions when a cyber attack occurs,” Almann said. “Because one thing that we would like to emphasize, during a cyber attack, decisions have to be made in lightning speed.”
And those decisions have to not only be made in milliseconds, but need to be made within the framework of national alliances, government organizations and the procurement process, he added.
Almann was one of several panelists on day one of the forum, addressing the “Cyber Security for a Changing Threat Environment.”
“I think the defense forum is a great event because it enables me to share lessons learned and first hand experience of the events that happened two and a half years ago in Estonia,” he told reporters Nov. 9. “I have the opportunity to share first hand knowledge of cyber defense and really raise the public awareness of what is cyber defense and what can be an impact of a real life cyber attack on a country.”
The panel, which included Brig Gen. David Koh, director military security, Ministry of Defence, Singapore, and David Pollington, director, international critical infrastructure, Microsoft Corp. [MSFT], also discussed sharing information, Almann noted.
“Within the frame work of cyber conflict, it is absolutely critical to share critical and sensitive information within wider alliances, with the private sector,” he said. “There [is] still a great need to figure out how to do it and do it properly.”
Another issue the panel explored, Almann told reporters, was looking at the issue of authority.
Cyber conflict raises important questions with respect to decision making, he said.
“Who has the authority to make decisions in a critical time when a country is hit by a cyber attack? What types of decisions need to be made? What would be a proper collaborating mechanism, for example, cooperation among various government agencies,” Almann said. “That has to be in place in order to successfully respond to this very real threat that we are facing today.”
Almann also pointed out that in this day and age, countries are really very alone when they face cyber attacks.
“There [is] so much that can be done to enhance cooperation between various countries, and put in place frameworks for enhanced exercises,” he said. “It was good that we once again we were able to focus on this real example that Estonia was going through and seeing what can we take with us to be better prepared for the future.”
The forum brought together military, government, and non-government operational information technology (IT) leaders from 18 countries across Asia, the Pacific, and Latin America, as well as 19 Microsoft partner companies to discuss how software innovation is improving command and control, cyber defense, and disaster preparedness operations, Timothy Bloechl, managing director, public safety & national security at Microsoft, told reporters during the teleconference.
“The open discussion supported at today’s Asia Pacific Defence Forum sessions such as defense information technology transformation, and the changing threats of cyber security, allow government and military leaders to share their experience on how to combat the threats to military operations posed by such virtual attacks, the defensive actions required to reduce the risk of these cyber attacks, and the role IT industry players should use to support defense efforts.”