IDG News Service — Nations increasingly touched by cyberattacks are still in the very early stages of figuring out how to deal with incidents that could escalate into critical national security threats.

From DOS (denial-of-service) attacks on Web sites to hacking attempts on power grids and financial and military systems, experts are warning that the next wars will be kicked off by electronic blitzes from non-state actors and that nations haven't worked out clear strategies.

But academics, experts from private companies and government officials are discussing those issues this week in Tallinn, Estonia, at the first-ever Conference on Cyber Warfare. It's hosted by the Cooperative Cyber Defense Center of Excellence (CCDCOE), launched in May 2008 to help NATO countries deal with ever-growing cyberthreats.

"Cyberattacks are here to stay," said Jaak Aaviksoo, Estonia's defense minister, during a keynote speech on Wednesday. "They are not disappearing."

Estonia experienced a devastating cyberattack in 2007 following a decision to move a statue memorializing Russian soldiers who fought during World War II. Pro-Russian hackers took down bank and school Web sites via DOS attacks on Estonian networks.

Subsequently, Georgia experienced similar attacks following its conflict with Russia last year. And earlier this week, Iranian news Web sites and those belonging to political organizations were hit with DOS attacks following the contested re-election of President Mahmoud Ahmadinejad.

A multitude of issues are under discussion at the CCDCOE's conference: how nations can legally respond under international law to cyberattacks, how nations should render assistance to one another and simply what is the definition of a cyberattack.

None are likely to be resolved quickly, said Estonian Army Lieutenant Colonel Ilmar Tamm, director of the CCDCOE.

"The situation changes so rapidly," Tamm said. "We have to be really conscious on the conclusions we recommend, and nations have to be understand the potential consequences of what they adopt on the legal side, the policy side."

The CCDCOE is funded by its seven nation members, which include Estonia, Latvia, Lithuania, Germany, Spain, Italy and the Slovak Republic. The U.S. is not a member but has assigned a civilian with the U.S. Navy to the CCDCOE. Turkey, Hungary and the U.S. have expressed interest in joining CCDCOE.

The CCDCOE does not advise NATO operationally but is instead a think tank that is working in policy areas related to cyberwarfare such as tactics, protection of critical national infrastructure, policy and legal issues, Tamm said. The organization produces research papers, some of which are public and some of which are only for benefit of NATO countries, he said.

Continue Reading