The Northern-most Baltic state with a population of 1.3 million people and an economy originally based on mining, industry and trade, is today one of the leading European countries in the field of cyber security and resilience. After the Singing Revolution culminated in the independence of Estonia, Latvia and Lithuania from the Soviet Union in 1991, Estonia immediately launched reforms to begin with the process of transitioning to a market economy through privatization and currency reform. Joining the Word Trade Organization in 1999 and subsequently acceding to the European Union and NATO in 2004, while also joining the Eurozone in 2011, Estonia was well on its way towards greater economic development as part of the biggest common Market in the world. But how did this country manage to become the leading authority on international cyber norms?
Following persistent and devastating cyber attacks from Russia on Estonia in 2007, NATO decided to establish a NATO Center of Excellence on cyber security in the Estonian capital Tallinn the next year. Under the name NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE), Estonia hosts 22 sponsoring nations and the contributing countries Austria, Sweden and Finland, providing them with expertise on cyber defense, awareness and training. In close cooperation with the NATO Allied Command Transformation, the center on cyber defence promotes the transformation of NATO’s (cyber)security.
One of the key actors in Estonia’s development as a frontrunner in cyber expertise was the fourth President of Estonia Toomas Hendrik Ilves. The former diplomat and journalist was in office from 2006 until 2016 and later served in several functions as an expert on Information and Communication Technology (ICT) within the European Union later chairing in various positions for the Internet Corporation for Assigned Names and Numbers (ICANN) and the World Economic Forum. Ilves played a crucial role in promoting innovation and investment in cyber training as well as digital bureaucracy in Estonia. Using the government-sponsored e-estonia campaign – with the catchy slogan “we have built a digital society and we can show you how” – Ilves and the Estonian government have successfully branded their county as a digital society with an innovative and market friendly economy.
Estonia didn’t stop there though. It raised its military spending to the third highest level within Europe as share of GDP (2.38 percent), only barely outpaced by the UK (2.43 percent) and Greece (2.58 percent). This puts Estonia in the category of the select few member states that follow NATO’s recommendation to commit 2 percent of their gross domestic product to defense spending.
By framing the 2007 cyberattacks on Estonia as the future of warfare, the crafty Baltic state was in fact able to strengthen its security situation. The decision to declassify the majority of information about the cyber attacks conducted against Estonia led to lots of interest and discussion among international media, think tanks, and experts around the globe. This increased exposure to the dangers of cyber and the vulnerabilities created by the increasing reliance on the internet for critical infrastructures and the economy, had a strong effect on cyber norms. Because Estonia was one of the first countries to highlight the new challenges facing NATO from cyberspace, it was able to act as a “norm entrepreneur” – by actively shaping the application of law to cyberspace.
Estonia’s capital Tallinn, became the birthplace of new legal norms for governing conflict and warfare in cyberspace. This groundbreaking achievement came to be known as the Tallinn Manual, and as of now there have been two versions, which have attempted to provide non-binding guidelines on conflict in cyberspace. This year, the CCDCOE began working on the third installment of the Tallinn Manual, the results of which will be developed over the next five years. To close off the argument from earlier: By exposing the weaknesses and challenges facing all NATO members, Estonia opened the door for public debate on cyber attacks and new forms of hybrid conflict, drawing attention to the need to cooperate.
Sources:
- Biography of Toomas Hendrik Ilves: https://www.presidentilves.ee/bio
- Background information about the e-Estonia Briefing Centre: https://e-estonia.com/about-us/
- Fagan, Moira. 2020. “NATO seen in a positive light by many across 10 members states”. Pew Research Fact-Tank. https://www.pewresearch.org/fact-tank/2020/11/30/nato-seen-in-a-positive-light-by-many-across-10-member-states/
- Gold, Josh. 2019. “How Estonia uses Cybersecurity to Strengthen its Position in NATO”. ICDS. https://icds.ee/en/how-estonia-uses-cybersecurity-to-strengthen-its-position-in-nato/
- Makalu. “Picture of Tallinn”. Pixabay. https://pixabay.com/photos/estonia-tallinn-historic-center-3737128/
Richard Skalt 
Leave a comment