'Bitcoin was the exclusive method of payment for the WannaCry ransomware attack that spread around the globe, causing billions of dollars in losses,' said US Deputy Attorney General Rosenstein. Photo: iStock
The rules of war must apply in cyberspace. Image: iStock

As the fighting in Ukraine drags on, another conflict is taking shape elsewhere on Russia’s periphery. This borderless conflict is aimed at destabilizing the Baltic states of Estonia, Latvia and Lithuania, but can and likely will expand to engulf others. 

Last month, Lithuanian government and public service Web portals were hit by a sustained cyberattack from Russian hackers. The attack was a response to Lithuanian enforcement of a European Union sanctions package on goods traveling to and from Kaliningrad, a Russian territory located between Lithuania and Poland. In taking responsibility for the attack, Russian hackers promised that more would be forthcoming.

“The attack will continue until Lithuania lifts the blockade,” a spokesman for the group told Reuters. “We have demolished 1,652 Web resources. And that’s just so far.”

The Baltic states have been on the front lines of cyber warfare for decades. As the first countries to establish independence from the Soviet Union in the early 1990s, they have remained decidedly anti-Russian in their posture and thus have borne the brunt of Russia’s increasingly sophisticated cyber offensive. 

This uneasy situation boiled over in the mid-2000s with a series of aggressive Russian cyberattacks.

In 2007, the Estonian parliament, several ministries, media institutions, and banks suffered a series of severe cyberattacks over the country’s stance on relocating a Soviet-era monument in the capital Tallinn. Officials in the Baltics viewed the attack as a precursor to an offensive that could knock out power grids and make the country in essence ungovernable. 

The severity of the offensive, which lasted 22 days, forced Estonia to set up measures to insulate the country from digital warfare. The approach was simple: Put as many government services and systems on private, secure networks and beef up cybersecurity. 

Eventually, Estonia moved citizen services and the essential functions of the government to a blockchain, becoming the first country in the world to use that technology to protect its data. In doing so, Estonia created a country that could be governed virtually from anywhere in the world. In the advent of a Russian invasion or crippling cyberattack on essential services, the political leadership could flee the country and run it from another location. 

Such a model wouldn’t work in every country. Still, given their small sizes and large information-technology sectors, the Baltic states offer a blueprint for how cybersecurity systems can be built to withstand the vulnerabilities of our technological age.

As more small countries with nimble legislative environments embrace economic systems fueled by intellectual capital, the quality of their cybersecurity systems will define which countries thrive in the next world order.

The silver lining of this defensive posture is that Baltic citizens live in digital republics, as The New Yorker once described Estonia. By investing in complex digital infrastructure, the Estonian government enables citizens and residents to conduct most of their lives online. They can sign and access virtually all government services digitally using their unique Estonian digital identity, a system that was established in 2002.

In 2014, the country even launched the world’s first e-Residency program with the goal of 10 million e-residents by 2025. Although only 85,000 people have become e-residents so far, the program has allowed entrepreneurs worldwide to set up more than 19,000 digital businesses without needing to be physically present.

From freelancers to established entrepreneurs and digital nomads, Estonia’s e-Residency has made it possible to operate an online EU-registered company from anywhere. 

The future of warfare is digital because the future of society is digital. Renewed hostilities between the Baltic states and Russia have become critical laboratories to evaluate where the trend lines of cyber conflict are heading.

Countries in the Middle East, such as the United Arab Emirates and Israel, are paying particular attention to how the shifting contours of cyber warfare and defense strategies unfold.

The reason is twofold. Over the past decade, the UAE has invested substantial resources in following Estonia’s model as a digital republic. From the introduction of blockchain resources on the governmental level to plans to create similar e-residency programs, there is an indelible link connecting the UAE to the Baltics.

In recent months, Emirati officials have also discussed the need to build better cybersecurity infrastructure to safeguard the nation’s knowledge economy.  

Many analysts agree that if conflict were to break out between the Arab Gulf states and Iran, it would feature serious cyberattacks from both sides. Israel and Iran have already been trading cyber strikes, and some fear these attacks could escalate beyond military infrastructure and target vital civilian targets.

Whatever happens, cyberattacks will define the future of conflict, and the steps taken by the Baltic states to defend against Russian aggression should be watched closely for clues on how that future will play out.

This article was provided by Syndication Bureau, which holds copyright.

Joseph Dana is a writer based in South Africa and the Middle East. He has reported from Jerusalem, Ramallah, Cairo, Istanbul and Abu Dhabi. He was formerly editor-in-chief of emerge85, a media project based in Abu Dhabi exploring change in emerging markets. Follow him on Twitter @ibnezra.