Christine Hafskjold, who is responsible for the cybersecurity of local governments in Norway, says such attacks must be afforded the consideration they deserve by all countries, cities, infrastructure of critical importance, companies, schools, homes, children, parents – in a word, by everyone. “Criminals operate in the cyber sphere very smartly, using people’s lack of knowledge and the weaknesses inherent in systems to their advantage,” she cautions. “The biggest challenges faced by the police are finding the resources to ward off serious, targeted attacks that have a major impact, and raising people’s awareness.”
One of the biggest stumbling blocks is a lack of competence. “There just aren’t enough qualified cybersecurity specialists, which makes it very hard for small and medium-sized companies in the public and private sectors to properly focus on digital security,” Hafskjold says.
Marki Tihhonova-Kreek is convinced that cyber crime will never be fully eliminated. She promotes cyber education in Estonia, organising the Cyber Battle. In her view, the only line of defence is ever higher and ever more effective firewalls.
“To achieve that, it goes without saying that we have to improve people’s basic, everyday cyber hygiene,” she says. “We need new ethical hackers all the time – people brought over to the side of the good guys from as young an age as possible who can discern patterns of criminal behaviour and prevent and block attacks, in the process saving their country, or their city’s waste water treatment plant, or the air traffic control centre, or their school’s website, or their grandma’s Facebook account.”
Cyber spooks haunt the net 24/7
Cyber criminals are everywhere, but there are groups with specific national ties and links to Russia’s military activity in Ukraine. Tihhonova-Kreek highlights a recent example. “In late April, Microsoft announced that they’d identified a minimum of six online groupings with ties to the Russian state that were behind at least 237 cyber attacks on Ukraine since the start of the Russian invasion,” she recalls. “Some of those very destructive attacks are ongoing and endangering the well-being of civilians.”
The report showed that Russia’s cyber attacks seem to correlate with the country’s kinetic military action. Looking at the bigger picture, this means that since the start of hostilities, not just Ukraine itself but other countries supporting it – including Estonia – have been targeted.
Hafskjold says the problem is the lack of knowledge. “Everyone should be security-aware within the framework of their own job,” she advises. “That said, in any organisation the buck stops with management. Security doesn’t just happen – it’s something that requires constant, systematic attention. The war in Ukraine and the very high-profile ransomware attacks we’ve seen in recent years have at least served to boost awareness of digital security.”
Such attacks, and attempts to deflect them, are happening constantly. Thankfully, most organisations are prepared for them and are able to restore their data quickly in the wake of an attack. Sometimes, however, these digital incursions lead to personal data being leaked online.
“An interesting case we saw recently in Norway was a serious ransomware attack on Østre Toten municipality early last year,” Hafskjold says. “Everyone who worked for the local government had their access to key IT systems cut off. Their data were encrypted and the back-up copies deleted.”
This breach affected close to 30,000 documents, including sensitive personal data. Around 2000 of the documents were later discovered for sale on the dark web. An investigation revealed that the municipality’s data security had been insufficient. Relaunching the systems took months and cost the local community millions of Norwegian kroner. They were also fined by the country’s Data Protection Authority.
Hafskjold adds that organisations often hush up cyber attacks so as not to lose the trust of their clients or the public. “What’s good about the Østre Toten attack is that they were very open about it, and about its consequences,” she notes. “As a result, local governments in Norway are now very clued up on cybersecurity.”
This year, the Norwegian government allocated an additional 50 million kroner in support of efforts to improve local governments’ abilities to respond to digital security and cyber emergencies.
Virtual attacks have real-life (and death) consequences
Tihhonova-Kreek points out that far from being victimless crimes, cyber attacks can lead to actual deaths. “Just how fragile people’s lives are when faced with the sheer scale of cyber attacks is something people came to realise in 2017 in the aftermath of the attacks on the NHS in the UK,” she says. “They brought hospitals to a standstill and led to thousands of operations being cancelled and patients being turned away.”
The number of ransomware attacks, in which leaked usernames and passwords are used to take over people’s accounts with the aim of gaining access to company information systems, continues to grow. “The cyber attack on US energy giant Colonial Pipeline last year caused utter chaos, since they lost all control of their pipelines,” Tihhonova-Kreek recalls. “It led to fuel-rationing in 17 states, which lasted for a good while even after the company paid the alleged five-million-dollar ransom.”
Many crucial incidents are linked to passwords, and to people using the same one for everything, leaving their personal and work-related accounts vulnerable if the password leaks. Just as common is password-sharing with partners, friends or close associates – who can then abuse that knowledge if the relationship comes to an end.
Malicious links distributed on social media are also quite widespread. Tihhonova-Kreek gives a recent example of a link that appeared in Facebook chats accompanied by the text: “Is that you in this video?” When you clicked on the link, it gave the cyber criminals access to your account.
Good hackers: the cyber-defenders of the future
The Nordic countries have jointly been turning more attention to the playful training of the next generation of cyber talent. This year, the Estonian cybersecurity company CTF Tech and the Nordic Council of Ministers (NCM) office in the country are working together to organise a major series of cyber events for young people from the Nordic countries and Baltic States entitled the ‘Cyber Battle of the Nordic-Baltics 2022’. The final of the competition will be held in the sports hall of the University of Tartu on 29 October.
During the event, the participants (aged 15-24) will learn about ethical cyber smarts and put one another’s hacking skills to the test. Youngsters from the other Baltic States and Nordic countries will also be taking part to make the competition even more exciting. In the future, this generation of cyber talent will be defending themselves, their friends and families and their countries as a whole against cyber attacks.
The didactic and playful approach to the event will utilise the cyber education platform CTF Tech Portal, which itself is linked to a cyber training ground. In other words, in the course of the event the youngsters will have at their disposal a cyber-training environment that is just as visually attractive as those used by a variety of government agencies and international organisations.
Grete Kodi, an adviser on digital issues to the Estonian office of the NCM, says people get involved in the Cyber Battle project to achieve the aim shared by all of the Nordic and Baltic governments: to make their region the most integrated in the world, primarily with the aid of digital solutions.
“That’s why it’s so important that we’re capable of honing people’s cybersecurity skills in a way that leads to them using them ethically,” she says. “Those sorts of human resources will give the Nordic-Baltic region a major advantage and is one of the biggest things that the safe organisation of society rests on. That’s why the NCM office in Estonia fosters and helps to maintain such developments.”
Hafskjold agrees that the Nordic countries and Baltic States can learn from one another. “Sharing experience in our region is really useful, because we’re of similar sizes and have the same sort of culture and organisations,” she says. “Between us we’re also pretty advanced when it comes to the digitalisation of the public sector, and that means we’re faced with the same risks.” The MR DIGITAL meeting of ministers being held at the NCM office in Oslo in September will focus on the digital security of the public sector.
Tihhonova-Kreek calls on companies to join the socially responsible cyber community and to come up with exciting, real-life challenges for the participants in the Cyber Battle to solve, in both the training camps and the final competition. “That way we’ll make learning cyber smarts more fun for them and contribute to shaping the next generation in our region,” she says. “There are always too few people on the side of the good guys, after all.”
In cooperation with the news portal Geenius, the Norwegian embassy in Estonia and other Nordic embassies in the country, we launched a series of articles in which we shed light on the Nordic economies of the future and cooperation between Estonia and its Nordic neighbours. The articles can be found online at https://ari.geenius.ee/blogi/pohjamaade-tulevikumajanduse-blogi/.