NATO Cooperative Cyber Defence Centre of Excellence : The 3rd International Conference

More than 380 experts gathered in Tallinn, Estonia, to participate in the annual International Conference on Cyber Conflict. Presentations treated the legal aspects of cyber conflict as well as the technical ones, including recent issues such as Stuxnet and iBots.

The opening address was given by the President of the Republic of Estonia, Toomas Hendrik Ilves, who encouraged nations to develop new strategies and further develop procedures and capabilities. Ilves was followed by Major General Jonathan Shaw, who noted that although cyber awareness has improved, it is important to note that about 80% of cyber problems these days would disappear if people disciplined themselves with what he referred to as “cyber hygiene”.

High level speakers warned participants not to over-emphasize any one response mechanism – cyber security is delivered in layers, and the military as the upper layer cannot function without the infrastructure, expertise and lessons learned from intelligence and law enforcement agencies, CERTs and the private sector.

A common theme was the difficulties encountered in the intersection between information sharing and privacy. While Jeff Bardin examined the lack of reciprocity and trust between governments, Hayretdin Bahşi stressed the relevant differences between attackers and defenders in this matter. Attackers have no problem with sharing vital information, but defenders have issues of organisational privacy and potential information loss to contend with.

Another key question is the ability of a nation to purchase the knowledge and skills necessary to combat cyber attacks. While governments cannot afford geniuses, there might be other ways of enlisting private sector brains and assets. Whether the example of the Estonian Cyber Defence league will be followed, or whether other strategies will be used, is a question for the future. On same note, Raoul Chiesa suggested thinking of hackers not only as enemies but as a sort of national resource that could be cultivated.

Charlie Miller, speaking about technical limitations and capabilities, argued that it is quite difficult to produce a completely invulnerable product; and since no regulations exist, it is almost impossible for the consumer to choose the safest product. As Robert Kohn and Charl van der Walt pointed out, the latter is an important issue since attackers often target commonly used applications such as Internet browsers or office software.

Many participants observed that nations will have to rely on help from the private sector, since cyber warfare capability relies on private sector expertise in information and network architecture, and trust. This reemphasized the importance of public-private partnership and their continuing development; a study consisting of a check-list, national lessons learned and guidelines would be a useful next step.

The underground market for malware and cyber criminals is growing with demand. As Ralph Langner reminded participants in his presentation about Stuxnet, it took a lot of resources and a great mind to create the first nuclear bomb, but copying it was an easy feat. The same principle applies to the cyber world; copying Stuxnet will be easier than creating it was.

The conference concluded with a presentation of the NATO cyber defence policy that was endorsed by the NATO defence ministers on Wednesday. A NATO official stressed that NATO’s cyber defence capabilities will focus on the protection of its own networks and those networks CRUCIAL to carrying out critical tasks for the Alliance. A detailed action plan has been approved by the defence ministers together with the policy specifying tasks for all NATO bodies involved in cyber defence and the NATO CCD COE.

The next International Conference on Cyber Conflict will take place in June 2012 in Tallinn, Estonia.

The NATO Cooperative Cyber Defence Centre of Excellence is a NATO-accredited Tallinn-based international military organisation whose sponsoring nations include Estonia, Latvia, Lithuania, Germany, Hungary, Italy, Slovakia and Spain. The CCD COE’s mission is to improve the cyber defence capabilities, cooperation and information exchange of NATO member states and their partners.