The work of the ciberembajadora Heli Tiirmaa-Klaar is becoming more and more important. Is the ambassador of Estonia to cyber security. In 2019 Politico chose it as one of the 28 personalities that were to shape Europe. Your country was made famous by a few tragic events in 2007: he was the victim of the first great operation of Russian cyberspace: “The geography in Estonia it is impossible to escape,” she says. Tiirmaa-Klaar has been a consultant to NATO and in charge of the mount the politics of cyberspace in the EU. The diplomat spoke with THE COUNTRY during a recent visit to Madrid organized by the Aspen Institute and the Fundación Telefónica.
Question. What is a ciberembajadora?
Response. Is a diplomatic specialist that understands what kind of threats are there in cyberspace, how to respond to the bad behavior of state actors and how to encourage good behavior.
Q. How did the world cyber?
A. I Studied political science. But I majored sticks because I had to create the first e-strategy after the attack of 2007. I understood quickly that it’s a very strategic and is infraestimado by the majority of Governments.
Q. The events of 2007 were the first major ciberoperación Russian.
A. there Were many elements. The cyber attack was one of them.
Q. it Was all for a memorial of a soviet soldier.
A. we were Going to relocate the statue to a cemetery. But a campaign of false news spread in social networks in Russian where they said that the monument was going to demolish inaugurated the riots, which were very serious: cars on fire, shops vandalized. In Estonia there was something going on as well since the Second World War, is a place very peaceful. Young Russian-speaking drunk broke furniture. By the riots, the statue is recolocó fast. And began the cyber-attacks.
Q. what kind?
A. there Were three waves. First there was the activist, then a more professional and at the end another more serious. For three weeks. Was against online services and against newspapers to block the information that was happening in the country. Imagine that you have riots and the media do not work. Estonians rarely used the radio and the old channels of tv, that yes worked. The websites of government were blocked, the banks online too. All the infrastructure of the internet that we used was attacked. Our experts were able to mitigate the attacks for three weeks. The longest period of decline for a bank was a day and a half.
Q. And what about since then?
A. Never happened something like that.
Q. what I Would have said then that this could happen again?
A. Come in many u.s. journalists to Estonia to look at the facts of 2007. See a lot of similarities with the election of 2016. The resemblance in methods is striking.
Q. Then, what the russians are doing something similar to 2007?
A. government agencies do not change very fast.
Q. What is concerned in the future? What a great attack that sagging infrastructure of a country?
A. That it is forbidden under international law. It is a serious violation. Cyber attacks do not fall out of the sky, there is to place them in their political context. It’s like in 2007, it is not that something happens in cyberspace, something happened in the real world. You must look at the cyber conflict as well: if there is a real conflict somewhere, will have a facet cyber. The item cyber will be used to help the strategic objectives of a political conflict. Hack the power grid has not happened because it is very serious.
Q. In Ukraine.
A. it Was during a real conflict. At Christmas. Violated many rules. The problem is that no one reacted.
Q. Then, what a cyberwar is fiction?
R . There will be no cyber war. There will be a real war with a facet cyber. There is always a political reason. The conventional thinking believes that a cyber war is about to erupt. Well, it has not happened. There have been many attacks and many movies but the reason for that there is a cyber war is a real conflict that also give out of cyberspace. Not the other way around. Unless something very serious goes wrong in cyberspace and from there climb. To avoid this you have to build trust.
Q. How do you qualify what happened in the elections of 2016 in the US?
A. there Was a preference for a candidate.
Q. And do you see the attribution?
A. sometimes the mess is because you want to prove that you can confuse to. You want to demonstrate that power in your State.
Q. These ciberacciones seems not to pass red lines.
A. The actions below the threshold of armed conflict, but that no longer are peaceful, are the biggest problem that we have. And how to stabilize the cyberspace in order to discourage you to do these actions. In addition, there are an increasing number of countries entering in this field.
Q. But his biggest concern is not a cyber conflict.
A. Is the balkanization of the internet. Our first obligation as diplomats is to avoid war and build the peace, but the second task is the need to keep the internet free of charge, interoperable and accessible that we have. If now divided into political blocs are different, the global internet as we know it now will no longer work. Since there are firewalls and restrictions that some countries build, but still works the internet interoperable.
Q. But such a separation does not seem remote.
A. Can happen. It is a model very attractive: close and allow only certain content, not the other countries. Freedom is your real problem, the internet is only a medium.
Q. What security issue you see with the 5G?
A. would Not accept a technology they do not trust. It is a trust issue. Once you have a provider it is very difficult to change it.
Q. What will you do in Estonia?
A. companies should be registered in the European Union, which are the telecommunications companies in europe. We will create a mechanism for the control of risks to which a government agency certifies the technologies.
P. And what about the chinese companies?
A. Will be this mechanism of control of risks who must decide. It is a mixture of different methods. There are many risks valued, both politicians as the same functioning of the State. Are not only technological risks. These risks include, for example, if the technology comes from a country where applies the rule of law, or if it is a country whose companies must cooperate with the intelligence services.
Q. what technology china is not cheaper?
A. The price is often used as a reason for weight, but when you consider the span of time that will be used, the adopter of early technology usually pay more because you buy the first version of a technology.
Q. What I would advise other countries to do with 5G?
A. Each Government has to decide its own risk. There is even a guide of the EU.
Q. Estonia is famous for its digitization. Why?
A. During the soviet period, hardly had technology. During the nineties, we adopt the more new. In 1996 and 1997, our banking system was already online. As the private sector began to develop digital services, so did the Government. There is another reason simple: the size of the country, we don’t have a lot of people. We can’t afford the luxury of having a administrative by doing small tasks. There is the need to automate many of these services.