Cyber security

Estonian Juhan Lepassaar to become the EU’s new cybersecurity boss

The European Union Agency for Cybersecurity (ENISA) selected Estonian Juhan Lepassaar to be its new executive director. Lepassaar, currently in charge of the cabinet for the outgoing Estonian EU commissioner, Andrus Ansip, was selected on 16 July by the ENISA management board. Prior to being formally appointed, Lepassaar shall be …

Estonian Juhan Lepassaar to become the EU’s new cybersecurity boss Read More »

An interactive cyber law toolkit launched in Tallinn

The Tallinn-based NATO Cooperative Cyber Defence Centre of Excellence has launched an interactive web-based resource for legal professionals and students, called the Cyber Law Toolkit. The toolkit was launched at the 11th Annual Conference on Cyber Conflict – or CyCon 2019 – in Tallinn, Estonia, on 29 May. According to …

An interactive cyber law toolkit launched in Tallinn Read More »

LIVE FEED: Tallinn is hosting the 11th International Conference on Cyber Conflict

From 28-31 May, Tallinn is hosting the 11th International Conference on Cyber Conflict – or CyCon, as it’s known – and Estonian World is providing a live stream of some of the keynote speeches at the conference. CyCon is bringing together over 600 key experts and decision-makers from the global …

LIVE FEED: Tallinn is hosting the 11th International Conference on Cyber Conflict Read More »

Estonian-founded cybersecurity startup RangeForce raises USD1.5M in seed funding

RangeForce, an Estonia and New York-based startup, has raised USD1.5 million in seed funding for cybersecurity simulation-based learning platform.

The Estonian-founded startup raised the funding from Paladin Capital Group, with participation from Trind Ventures.

RangeForce helps companies deal with their cybersecurity and information security vulnerabilities by training their security specialists and IT professionals to learn the latest and most effective skills in cyber siege warfare to anticipate and fend off attacks on business-critical assets. The company said in a statement that the cash injection will be used to recruit additional talent to expand the product platform.

The company’s learning platform provides a progression of realistic cyber siege scenarios to train and assess technical teams’ decision-making and security skills over the entire spectrum of threat lifecycle management operations. RangeForce’s performance-based skills measurement analytics engine provides continuous evidence that teams are prepared against cybersecurity threats.

Nurturing cyber talent

“One-size-fits-all classroom training models are obsolete, because they don’t provide actionable skills required to hold threats at bay,” Taavi Must, the CEO and a co-founder of RangeForce, said in a statement. “Our problem-based learning approach provides enterprise IT and cybersecurity teams with tangible defensive cyber warfare experience. Cloud-based simulation training in a real-time setting has shown to be the most effective cybersecurity training method at scale.”

He added that finding skilled cybersecurity staff is only getting harder by the day and his company’s performance-based testing system supports security and tech leaders in recognising and nurturing their cyber talent. “We aim to become the industry standard to assess the most important element of cybersecurity readiness – human skill level.”

RangeForce said it already had a global customer base across the financial, technology and health-care sectors; the clients include Microsoft, Barclays, Santander and Pipedrive.

The company was founded in 2015 by Taavi Must, Jaanus Kink and Margus Ernits who had a combined expertise in cybersecurity and enterprise software development.


Cover: RangeForce’s team.

The world’s largest cyber exercise in Estonia brings allies together

At the world’s biggest real-time cyber security exercise, it’s not the winning but the taking part that counts.

Organised by the Tallinn-based NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), Locked Shields has been running since 2010. This year, representatives from 30 nations, including from as far away as Australia and Japan, are taking part. Around 1,500 participants from the military and private sector are involved in the exercise, running from 8 to 12 April.

The exercise is a unique two-day opportunity for national cyber experts to practice protection of national IT systems and critical infrastructure under the pressure of a severe cyberattack. The scenario sees a Red Team fight against a Blue Team for control of the fictional island of Berylia. The Red Team, which represents the fictional nation of Crimsonia, is based in Tallinn, but the blue teams, acting as national rapid reaction teams, are situated in their home countries and will use their skills to try and win. This year, 23 blue teams are taking part.

A fictional Berylia experiencing a deteriorating security situation

While Locked Shields is a competition, the most important aspect is that each team completes the exercise knowing more than when they started.

“We will only announce the top three and the rest of the teams will be anonymous,” said the director of the CCDCOE, Colonel Jaak Tarien. “We want the teams to experiment and learn. Nobody needs to be ashamed if they bring a new team to this exercise [and they fail]. For us, the focus is to provide the best training available.”

The technology branch head of the CCDCOE, Raimo Peterson, reiterated this message. “The point is its not to win, and I’m always underlining that. The target is to have the highest learning curve.”

This year’s scenario sees the fictional Atlantic island Berylia, a NATO member, experiencing a deteriorating security situation. A number of hostile events are coinciding with coordinated cyberattacks against a major civilian internet service provider and military airbase. The attacks are causing severe disruptions in the operations of the electric power grid, 4G public safety networks, drone operation and other critical infrastructure components.

This is where the 23 blue teams come in to support the government of Berylia. Locked Shields tests how the nations would use their cyber strategies to collaborate with foreign governments to deter and recover from a cyberattack. In addition to maintaining complex IT systems, the blue teams must be effective in reporting incidents, executing strategic decisions and solving forensic, legal and media challenges. The simulation takes place 23 times – one for each team – on the NATO cyber range in Tallinn.

Making the exercise true to life

At the Hilton Hotel, in the middle of the afternoon on the first day, groups of people wearing yellow, green and white T-shirts sit at rows of tables in front of computers overseeing the exercise as it takes place. On the walls, computer screens display the scoreboard for the 23 teams, maps of Berylia and mock-ups of critical infrastructure including a power grid and water plant. Next door, the Red Team is carrying out its attacks.

What makes Locked Shields unique is the inclusion of the private sector to make the exercise true to life. The infrastructure systems the teams are fighting to control are replicas of the real systems companies have in place, rather than a complete simulation. The power grids, water plants and 4G networks under attack are mock-ups of the real thing. But it wasn’t always this way. When Locked Shields first started, the exercise used entirely fictional infrastructure. Raimo Peterson told Estonian World that getting the companies involved took some persuading at the beginning.

“There was resistance because the private sector companies were a little bit afraid about the publicity if we were hacking their systems,” Peterson, who was acting as head of the Green team, said. “But the objective of this exercise is to teach people to configure the systems safely and securely. We are not testing products.”

Although Peterson did admit that, on some occasions, the teams have accidentally detected flaws in the companies’ IT systems. This information was then passed discretely back to the company so it can fix its weak spots.

The benefit of having the private sector involved is that it improves everyone’s knowledge of what could happen, and how nations and governments would react, if a cyberattack on critical infrastructure does occur in the future. “Our interest is to have them onboard in order to build more realistic environments and their interest is that people around the world can operate their systems securely if a crisis does happen,” Peterson said.

Helping allies work closely together

Talking about the evolution of Locked Shields, the exercise director of the CCDCOE, Lauri Luht, said the competition had grown “significantly” over the last nine years, adding more challenges and with more teams signing up to participate.  This year there is an emphasis on teams working together. For the first time, the blue teams have the opportunity to share information with other groups, rather than just among themselves. “It’s not only about competition – it is about collaboration and helping our allies and partners to work closely together,” he noted.

Locked Shields 2019 is organised by the NATO Cooperative Cyber Defence Centre of Excellence in cooperation with the Estonian Defence Forces, the Finnish Defence Forces, the United States European Command, the National Security Research Institute of the Republic of Korea and the Tallinn University of Technology.

Industry partners in the exercise include Siemens, Elisa, Cybernetica, Cisco, VTT Technical Research Centre of Finland, Arctic Security, Clarified Security, Iptron, Bytelife, BHC Laboratory, Bolt and many others.


Cover image by Helen Wright. Images courtesy of the NATO Cooperative Cyber Defence Centre of Excellence and Helen Wright.

Estonia to host the world’s largest cyber exercise

The Estonian capital, Tallinn, is to host the annual NATO Locked Shields cyber exercise from 8-12 April – the world’s largest of its kind.

The exercise is organised by the Tallinn-based NATO Cooperative Cyber Defence Centre of Excellence. The annual exercise is a unique opportunity for national cyber experts to practise protection of national IT systems and critical infrastructure under the intense pressure of a severe cyberattack.

The exercise will highlight the increased need for a better functional understanding between various experts and decision-making levels. The organisers integrate the technical and strategic game, enabling participating nations to practice the entire chain of command in the event of a severe cyber incident, from strategic to operational level and involving both civilian and military capabilities. “Considering the current cyber threats that are concerning nations the most, the exercise will address the protection of vital services and critical infrastructure,” the organisers said in a statement.

Cyberattacks against “Berylia”

According to the exercise scenario, a fictional island country, Berylia, is experiencing a deteriorating security situation. This falls at a critical time for Berylia as the country is conducting national elections.

“A number of hostile events coincide with coordinated cyberattacks against major civilian ITC systems,” the organisers described. “The attacks cause severe disruptions in the operation of water purification systems, the electric power grid, 4G public safety networks, maritime awareness capability and other critical infrastructure components. The cyber-attacks also effect national perception of election results, leading to public unrest.”

The participants of the exercise are to train as national cyber rapid reaction teams that are deployed to assist Berylia in handling a large-scale cyber incident. “While the aim of the tech game is to maintain the operation of various systems under intense pressure, the strategic part addresses the capability to understand national coordination mechanisms, law enforcement options and strategic communication.”

Participants are all over the world

The organisers of the exercise gather in Tallinn, Estonia, but the participating Blue Teams set up secure online access from their home base.

Locked Shields 2019 is organised by the NATO Cooperative Cyber Defence Centre of Excellence in cooperation with the Estonian Defence Forces, the Finnish Defence Forces, the United States European Command, National Security Research Institute of the Republic of Korea and TalTech.

Industry partners in the exercise include Siemens, Elisa, Cybernetica, Cisco, VTT Technical Research Centre of Finland, Arctic Security, Clarified Security, Iptron, Bytelife, BHC Laboratory, Bolt and many others.


Cover: Locked Shields operation room in 2018.

Estonia’s first cybersecurity ambassador among the shapers of Europe

Heli Tiirmaa-Klaar, Estonia’s first ambassador at large for cybersecurity, has been nominated by the Politico magazine as one of the 28 people shaping, shaking and stirring Europe – placing her at number four among the “doers”.

“Heli Tiirmaa-Klaar wants to write the rules of cyber conflict,” the magazine says. “As Estonia’s first ambassador-at-large for cybersecurity, she’s at the forefront of a battle over what countries can and can’t do in cyberspace. Her ambition: to stop repressive governments from committing acts of war and aggression online, while ensuring they can’t use international law to suppress the free flow of information.”

The magazine notes that on one side of the cybersecurity debate are Tiirmaa-Klaar and her allies in the West, notably the US and large EU countries, who are advocating for rules of non-proliferation in cyberspace, proposing to set strict limits on how states use botnets, malware and software vulnerabilities to attack other states and domestic political opposition.

The author of measures to allow sanctions against cyberattackers

“On the other are members of the so-called Shanghai Cooperation Organization led by Moscow and Beijing, who advocate a different approach to regulating cyber conflict that Tiirmaa-Klaar says will make it harder for countries to crack down on state-sponsored hacking activities and cybercrime, while undermining protections for human rights online. Both sides have submitted competing strategies at the United Nations, where diplomats like Tiirmaa-Klaar will be lobbying undecided countries for support.”

Tiirmaa-Klaar was part of NATO’s first cyber policy team, and later, as the EU’s first cybersecurity diplomat, she put in place measures that would allow the bloc to impose sanctions in response to a cyberattack. The measure has yet to be used, but it’s not a secret who Tiirmaa-Klaar believes should be in its sights. “We have to keep in mind that armament and readiness in Russia is increasing,” she says, according to Politico.

Every year, Politico compiles a list of 28 people who will shape Europe in the year ahead. This time, in addition to picking an overall number one – Italian far-right leader Matteo Salvini – the magazine ranked the remaining 27 people in three categories: doers, dreamers and disruptors. Tiirmaa-Klaar is ranked fourth in the “doers” category.


Cover: Heli Tiirmaa-Klaar (courtesy of Politico).

Estonia hosts NATO flagship cyber defence exercise

NATO’s flagship cyber defence exercise, Cyber Coalition, one of the largest such exercises in the world, started on 27 November in Tartu, Estonia, aiming to test and train cyber defenders from across the alliance in their ability to defend NATO and national networks.

The exercise, now in its eleventh year, involves around 700 participants from allies, partners, industry and academia.

The exercise aims to enhance coordination and collaboration between NATO and its allies, strengthen the ability to protect the alliance’s cyberspace and conduct military operations in the cyber domain, NATO said in a statement.

“It will also test NATO and national procedures on information sharing, situational awareness in cyberspace, and decision-making,” the alliance added.

Cyber threats to the alliance are becoming more frequent, complex and destructive. “A cyber-attack on one ally can affect all of us. That is why strengthening cyber defence is a top priority for the alliance, and exercises like Cyber Coalition are essential for building up this defence,” NATO said.

At the NATO summit in July 2018, the allies took the next steps in strengthening defences in the cyber domain, with a new Cyberspace Operations Centre and the ability to draw on allies’ cyber capabilities in NATO missions and operations. These steps will all help make NATO as strong in cyberspace as on land, at sea and in the air, the alliance added.

Since 2007, when Estonia became the first country in the world that was attacked in a cyber conflict, the country has become a global heavyweight in cybersecurity-related knowledge, advising many other states on the matter.

The NATO Cooperative Cyber Defence Centre of Excellence (CCD COE) – an operationally independent international military organisation – is also based in Estonia, in Tallinn.


Cover: Cyber Coalition 2018 exercise in Estonia. Images courtesy of NATO.

Estonia to host the first European defence AI and cybersecurity accelerator

In the spring of 2019, Estonia is to host the first European defence artificial intelligence and cybersecurity accelerator; early-stage startups in the field are invited to apply to take part in it.

The programme, called CyberNorth, is developed by the business-to-business accelerator, Startup Wise Guys, in collaboration with the Estonian Defence Industry Association and supported by the Estonian ministry of defence, the organisers said in a statement.

Cybernorth will start in March 2019 and run for three months in the Estonian capital, Tallinn.

Apart from the general network of over 150 Startup Wise Guys mentors, the CyberNorth programme will leverage the expertise of the Estonian defence industry and international cybersecurity, defence AI experts and practitioners, the organisers said.

An investment of up to €30,000

Startups selected to the programme will receive an investment of up to €30,000 with a follow-on possibility, a three-month hands-on intensive acceleration programme with a business development and cybersecurity focus, and access to a network of over 150 mentors and more than 100 investors. The teams will relocate to Tallinn and get free space in a modern co-working for the duration of the acceleration program, the organisers added.

Startup Wise Guys runs a boutique startup accelerator since 2012. It has accelerated more than 100 startups in 11 cohorts, focusing on B2B SaaS and fintech early stage startups.

The Estonian Defence Industry Association was founded in 2009 and it represents all the main defence and security industry related enterprises in Estonia. The association has 114 members.


The cover image is illustrative.

Estonia and other EU countries push for sanctions for cyber attackers

Estonia, the UK, the Netherlands and other European Union countries are pushing for the EU’s sanctions regime to include cyber attacks after the alleged attempts by Russian and Chinese operatives to break into the computer systems of European agencies.

The European Union has sanctions protocols targeting countries that violate nuclear or chemical weapons treaties and harbour terrorism. Now Estonia, Finland, Lithuania, Romania, the UK and the Netherlands are asking the EU to include a similar system against the individuals and organisations that are behind cyber attacks, Bloomberg reports.

“We urgently need to implement a similar regime to address malicious cyber activity,” the countries wrote in the memo to the EU’s other member states, according to Bloomberg. “The pace of events has accelerated considerably,” making “the introduction of such a regime a pressing priority.”

The leaders of the EU are to discuss security next week in Brussels, Belgium.

Last week, the American, British and Dutch authorities accused Russia’s GRU military intelligence agency of attempting to breach institutions that were looking into allegations of Russian wrongdoing, Bloomberg says.

“A separate Bloomberg Businessweek story last week detailed how China’s intelligence services had ordered subcontractors to plant malicious chips in Super Micro Computer Inc.’s server motherboards,” the news agency adds.


The cover image is illustrative.

Scroll to Top