Jump to content

User:PCulli/sandbox

From Wikipedia, the free encyclopedia

Estonia’s Response

The Estonian government was quick to blame the Kremlin, accusing it of being directly involved in the attacks. It was later revealed that the allegations were baseless when Estonia's defense minister, Jaak Aaviksoo, admitted that he had no evidence linking the cyber-attacks to the Kremlin. "Of course, at the moment, I cannot state for certain that the cyber-attacks were managed by the Kremlin, or other Russian government agencies," Jaak Aaviksoo said in interview on Estonia's Kanal 2 TV channel. "Again, it is not possible to say without doubt that orders came from the Kremlin, or that, indeed, a wish was expressed for such a thing there," said Aaviksoo. Russia called accusations of its involvement "unfounded," and neither NATO nor European Commission experts were able to find any proof of official Russian government participation.

Since the attack, Estonia has advocated for increased cybersecurity protection and response protocol.

NATO’s Response

Article 5 and Cyber defense: In response to such attacks, NATO conducted an internal assessment of their cyber security and infrastructure defenses. The assessment resulted in a report issued to the allied Defense Ministers in October 2007.  It further developed into the creation of a cyber defense policy and the creation of the NATO Center of Excellence for Cyber Defense in May 2008.5

Due to the attacks, the Tallinn Manual on the International Law Applicable to Cyber Warfare was also developed.  This report outlined international laws which are considered applicable to the cyber realm. The manual includes a total of ninety-five “black-letter rules” addressing cyber conflicts.4 The Tallinn Manual has worked to provide a global norm in cyber space by applying existing international law to cyber warfare.  The manual suggests that states do not have sovereignty over the internet, but that they do have sovereignty over components of the internet in their territory.

Terrorism Edit:

Made a point to update the Infographic section to include data from the 2016 Global Terrorism Index (p.27-36). The current infographic (on "Top 10 Countries") seems to be lacking a citation and is outdated as of 2014. I do not have the skills or materials to create infographics. Apart from this, the majority of the page seemed well organized and written. I checked the majority of the links and references and all linked to the appropriate sources.

The Terrorism page included many references to the GTD and similar sources. Many of which are only updated to 2014 as was the info graph. Overall, the page was well organized and produced. In contrast, the Left-Wing Terrorism page was seemingly underdeveloped. I would think some reference to its history as a wave of modern terrorism would be appropriate.

2007 Cyberattacks on Estonia

1)    Lead Section

a)    Cyberattacks on Estonia were a series of cyber-attacks that began 27 April 2007 and continued until the 18th of May that same year1.

2)    The Attack

a)    It is suspected that the attacks which took place in 2007 against Estonia were of a politically motivated nature. The attacks occurred during a period of riots and protests in response to the movement of a Soviet memorial in the city of Tallinn, thus It is reasonable to consider that such an occurrence which sparked riots could also have influenced the cyber-attacks. The evidence that this was malicious included profanity and phrases insulting the Estonian Prime Minister, Ansip Pidor. Many of these attacks were posted on Estonian government websites.2 Other attacks utilized denial-of-service (DDoS) methods, effectively shutting down government based websites. Additionally, the attack is responsible of distributing anti-state propaganda, and even disabling the parliamentary email servers3. As the Estonian government is heavily reliant on the Internet, such attacks had devastating initial results.  Results for ordinary Estonians, on the other hand, were quite limited and no long-term effects have been felt 4. Yet, such attacks did indeed spark debates about the state’s awareness of and response to cyber threat. 

3)    Impacts of Attack

a)    The attack is regarded as one of the most devastating on record, as it effectively disrupted the country’s electronic infrastructure which it heavily relies on. During the period of the attack in 2007, Estonia was a leading state in regards to the use of information and communication technology (ICT)1. Estonia utilized such in nearly every aspect of its society. From banking, parliamentary elections, and hundreds of public e-services, Estonia was a leader of ICT integration, yet such also made Estonia highly vulnerable to a devastating effects of a cyber-attack. Such effects were realized world-wide, and thus provoked an urgent effort to better prepare for such a threat.

4)    Estonia’s Response

a)    The Estonian government was quick to direct blame on the Kremlin, accusing direct involvement in the attacks. It was later revealed that such accusations were without proof when Estonia;s defense minister, Jaak Aaviksoo, admitted that he had no such evidence linking the cyber-attacks to the Kremlin. ("Of course, at the moment, I cannot state for certain that the cyber-attacks were managed by the Kremlin, or other Russian government agencies," Jaak Aaviksoo said in interview on Estonian's Kanal 2 TV channel. "Again, it is not possible to say without doubt that orders (for the blockade) came from the Kremlin, or that, indeed, a wish was expressed for such a thing there," said Aaviksoo. Russia called accusations of its involvement "unfounded," and neither NATO nor European Commission experts were able to find any proof of official Russian government participation.) - moved from lead section.

b)    Relocate lead section information, include allegations by defense minister, include request to NATO…

c)    Since the attack, Estonia has been a major advocate for increased cyber security protection and response protocol. Such efforts include independent state advancements, such as Enacting legal developments in Estonia to include cyber security, as well as the introduction of international protocol adaptations (Shackelford).

5)    NATO’s Response

a)    Article 5 and Cyber defense: In response to such attacks, NATO conducted an internal assessment of their cyber security and infrastructure defenses. The assessment resulted in a cyber defense report issued to the allied Defense Ministers in October 2007.  The report recommended further efforts to strengthen cyber defenses. It further developed into the creation of a cyber defense policy and the creation of the NATO Center of Excellence for Cyber Defense in May 2008.5

b)    Due to the attacks, the Tallinn Manual on the International Law Applicable to Cyber Warfare was developed.  This report outlined international laws which are considered applicable to the cyber realm. The manual includes a total of ninety-five “black-letter rules” addressing cyber conflicts.4 The Tallinn Manual has worked to provide a global norm in cyber space by applying existing international law to cyber warfare, suggesting states don’t have sovereignty over the internet, but that they do have sovereignty over components of the internet in their territory.

c)    Developing formalized rules on Cyber security

6)    Opinions of Experts

a)    According to the American journalist, Shane Harris, the attacks against Estonia are “generally regarded as among the most devastating on record”

7)    Responsibility for the attacks

8)    Influence on international military doctrines

a)    Current Developments

9)    See also

10) References

a)    Czosseck, Christian, Rain Ottis, and Anna-Maria Talihärm. "Estonia after the 2007 cyber attacks: Legal, strategic and organisational changes in cyber security." Case Studies in Information Warfare and Security: For Researchers, Teachers and Students 72 (2013).

b)    Remenyi Dan 1 July 2008: “Proceedings of the 7th European Conference on Information Warfare and Security”

c)    Harris, Shane. @war: The Rise of Cyber Warfare. London: Headline Group, 2015. Print.

d)    Herzog, Stephen, Revisiting the Estonian Cyber Attacks: Digital Threats and Multinational Responses (2011). Journal of Strategic Security, Vol. 4, No. 2: 49-60, 2011.

e)    Shackelford, Scott. "Estonia Two-and-a-Half Years Later: A Progress Report on Combating Cyber Attacks." (2009).

f)     Singer, P. W., and Allan Friedman. Cybersecurity and Cyberwar: What Everyone Needs to Know. Oxford: Oxford UP, 2014. Print.

g)    Schmitt, Michael N. Tallinn Manual on the International Law Applicable to Cyber Warfare: Prepared by the International Group of Experts at the Invitation of the NATO Cooperative Cyber Defence Centre of Excellence. Cambridge: Cambridge UP, 2015. Print.

h)    Ashmore, Willam C. "Impact of Alleged Russian Cyber Attacks." (2009)

11) 12. External links

Edit by savannt:

Corrected some minor spelling errors.

3a isn’t cited so when it say, “regarded as one of the most devastating on record” regarded by who, or what agency? Actually I saw the citation later on but I’m not sure what @War, but maybe it’s somewhere else in the main published wiki article.

In section 4a you could go into more detail about how Estonia responded to the attack.

It looks like the author has added a good amount to the article. If possible it would be interesting to find out more information about the group that perpetrated the attack. What other attacks have they participated in, their ideology, etc. I would also be useful to go over other cyber-attacks that may have been similar to the Estonia attack, but not quite as devastating. This could be done by linking existing articles or by citing other attacks that may not have wiki pages yet. This will give the reader other sources to follow and give them a better idea of the different scales and methods used by cyber terrorists. It would also be interesting if the author could find more information about who specifically was attacked besides the head of state. Overall, it’s difficult to make a judgement on the neutrality of the added information since it doesn’t really discuss the actors involved. Also, since this is just an outline of information that may be added to the main article it’s difficult to assess the “tone” of the article.

Despite these small adjustments that may be made, it seems like the author will make a valuable contribution to the overall article.