Attacks raised the issue of cybersecurity on the global agenda.
Jaak Aaviksoo, the minister of defense of the Republic of Estonia, had the daunting and unenviable task of dealing with the massive cyberattacks that hit his country in the spring of 2007. For more than three weeks, Estonia’s government agencies, banks, telecoms, and online news services suffered large-scale DDoS attacks as well as Web defacements, he said in a keynote Wednesday at the IT Security Entrepreneurs’ Forum at Stanford University. The attacks, he said, aimed “at the credibility of the Estonian government,” as well as the private sector.
Traffic coming into Estonia was 400 times more than normal, creating havoc for a country Aaviksoo described as heavily reliant on the Internet. In response, officials blocked traffic altogether, he said: “Something close to a sea blockade.”
The cyberattacks served to bring the issue of national cybersecurity on the global agenda, Aaviksoo said. “Cyberattacks that may constitute a national security threat are no longer science fiction,” he said, adding that attacks similar to the ones endured by Estonia could happen on a larger scale to bigger countries.
National responsibility combined with international cooperation is critical for fighting cybercrime, he said. Public awareness also is important as is law enforcement. The legal instruments to fight Internet crime “are clearly underdeveloped,” Aaviksoo said.
He said there’s been a lot of speculation about the source of attacks but no conclusions. At the time, some speculated that Russia was behind the attacks.