Sign up for our newsletter
Technology / Cybersecurity

Tallinn Digital Summit: Cyberattacks are a matter of ‘when’, not ‘if’

Investment and co-operation key to thwarting cybercriminals, ministers tell conference.

If countries are not prepared and do not channel resources into cybersecurity, they can expect the worst to happen. That was the warning from senior digital ministers from across Europe who spoke at the Tallinn Digital Summit on Tuesday.

In Estonia alone, 300 cyberattacks are happening every day, claimed Raul Rikk, Estonia’s national cybersecurity policy director at the Ministry of economic affairs and communication of Estonia. “I see the world becoming increasingly hostile in the cyber space,” he told the audience.

During a panel titled ‘The Leap to a More Resilient Cyberspace’, IT and digital ministers from Ireland, Austria, Estonia, the UK and Singapore discussed the current cyber threats landscape, measures to improve cybersecurity at national and international levels, and how to improve cyber resilience post-Covid-19. Here, Tech Monitor brings the key takeaways from the panel.

Tallinn Digital Summit: cyber security lessons from Ireland and Austria

In May, Ireland’s Health Service Executive (HSE), the country’s healthcare system, was victim to what is thought to be the biggest cyber breach in its history. All servers and computers in the network were shut down after criminal gang Wizard Spider launched a ransomware attack. HSE, which has an annual budget of €21bn to serve 5m people and has 100,000 employees, suddenly found itself going back to pen and paper, recounted Ossian Smyth, Ireland’s minister of state for public procurement and eGovernment, who was the minister responsible for cybersecurity at the time of the attack.

White papers from our partners

Tallinn Digital Summit cybersecurity

Ossian Smyth speaking at the Tallinn Digital Summit on Tuesday. (Photo by Aron Urb)

The Irish government did not negotiate or pay the $20m ransom asked for by the criminals. And although it did not lose any data and the country was eventually able to weather the attack, Smyth said that the actual cost of the attack was five times higher than the amount asked by the gang. Nevertheless, Smyth and his colleagues in government learned the lesson that prevention is key to avoid these devastating situations.

You could wake up one morning in your own country and find that one element of your critical infrastructure no longer works.
Ossian Smyth

“You could wake up one morning in your own country and find that one element of your critical infrastructure no longer works, some part you hadn’t even thought about, your gas, electricity…,” said Smyth. “In our case, it was the healthcare system. We need to find a way to prevent them because prevention is more effective than cure.”

Austria’s minister for digital and economic affairs, Margarete Schramböck, agreed with Smyth in the need for early investment in cybersecurity, particularly after the cyberattack on the country’s foreign ministry in 2020. However, drawing from over two decades of experience in the IT and cybersecurity industries, she raised concerns about private sector businesses being reticent to make the required funds available to boost cyber defences.

“I know how decision-makers say ‘now it’s not necessary, it’s a high cost’,” Schramböck told summit attendees. “Of course, it’s like insurance but today you can be assured that this investment is really good, both from a state side and for companies.”

The investment could prove more beneficial among SMEs, which make up 98% of companies in Austria, since they often lack IT knowledge and experience and this makes them particularly vulnerable to cyberattacks, continued Schramböck. This is why her government is creating digital innovation hubs with a focus on cybersecurity and is giving a 14% cashback incentive to those that invest in digital, including cybersecurity measures, during the Covid-19 crisis.

“We need to support them […] We need more cybersecurity white knights,” said the minister. “Why? Because the small companies do not always have access to the bigger IT companies, they do not know how to handle it but they need in their region, in their area, some point they can go to to find the people that can help them.”

Cyberattacks: a matter of ‘when’, not ‘if’

Cybersecurity “captured the public imagination” of Singapore’s citizens in 2018, after a quarter of the city-state’s population healthcare records were breached during a cyberattack against the country’s healthcare system, explained Josephine Teo, Singapore’s minister for communications and information. Although people were aware that cyber incidents existed, it was when they experienced it first hand that they realised they were dangerous and could compromise their personal privacy. Since then, the degree of understanding among government and the general population has improved greatly, she added.

It was after SingHealth’s data breach that Singapore’s position on cybersecurity changed from one of trying to prevent attack to one that assumes that an attack has already occurred: “It’s just a question of ‘when’, it’s not a question of ‘if’,” said Teo. Now her government’s policy is to be more resilient in terms of recovery and it is putting three steps into practice. Firstly, constant vigilance and monitoring of systems and assuming that a breach has happened already; secondly, implementing standard operating procedures and response mechanism if a breach happens so there is a quick recovery – something particularly important in public services that millions of people depend on; lastly, improving public communications in the event of a breach to maintain trust with citizens.

Teo emphasised that although skills and awareness are important to improve resilience, her government wants to spread the message that cybersecurity is a shared responsibility, starting with every individual person: “Our efforts alone are not going to hack it,” she said. Although Singapore’s digital transformation initiatives are very advanced, there is still room for improvement in cybersecurity and that is why they developing a toolkit that offers a step-by-step approach for businesses to protect themselves. Her government is also working on a “trust mark” accreditation system that allows customers to see which companies have high cybersecurity standards in place.

But in addition to these nation-specific initiatives, Teo and her counterparts in the panel agreed that international cooperation among “like-minded” democratic countries, including sharing intelligence and agreeing on cybersecurity investment and budgets, is essential to make states and economies resilient.

“We will see trillions invested in digitalisation of the world, which is all good thing for the benefit of the people,” says Estonia’s Rikk. “But It has to be complemented with investment in cybersecurity otherwise we will be sharing many more experiences [of cybersecurity attacks].”

Cristina Lago

Associate editor

Cristina Lago is associate editor of Tech Monitor.