This unofficial English-language translation is provided by the U.S. Embassy in Tallinn with the kind permission of Eesti Ekspress.

The First International Member of the Cyber Center

Eesti Ekspress
Thursday, January 17, 2008

(This U.S. scientist has arrived in Tallinn to investigate the subject of future virtual conflicts at the mysterious “K5” military complex.)

Author: Argo Ideon
Photo: Vallo Kruuser

If this tall, slightly bearded, slim man is walking on the streets of Tallinn, he does not differ much from the ordinary citizens. Just by looking at him, one might say that he is a local from Tallinn, or when starting a conversation, he seems like a businessman just occasionally visiting the Estonian capital.

Actually, Kenneth Geers (39) is a much more interesting person. As of a short time ago, this U.S Naval Criminal Investigative Service Cyber Division chief, an expert in Middle East and Russian cyber crime, has been working at a military barracks in Tallinn.

Much-discussed organization

A building, built of stones back in the tsarist era, has now been renovated to house the Estonian Defense Force's Communications and Information Systems Training and Development Center (SIVAK). A new institution, which Estonian diplomacy and especially military diplomacy has made a lot of effort to bring to Estonia, is also going to be located in that building.

When President Toomas Hendrik Ilves visited the White House and the Pentagon last summer, this was the main subject that he raised with U.S. officials and which was investigated by the Estonian Foreign Ministry, figuratively speaking, through a magnifying glass.

The creation of the NATO Cyber Defense Center in Estonia is currently changing from an idea to a reality, and Kenneth Geers is the first member of the international team of the center, or, to be literal, the first member of the creation team, because officially the Cyber Defense Center of Excellence has not been established yet. Geers' salary continues to be paid by the U.S. Navy.

But things are already moving forward. At the end of next week, participating countries in the Cooperative Cyber Defense Center (called “K5” in the slang of the Estonian military, according to the first letters of the Estonian name of the center) will gather in Tallinn to discuss a memorandum of understanding. Spanish and German officials are also expected to be among the representatives.

Conference in the following week

Next week's conference will also include specialists from NATO headquarters. The result of this event should be a text that is worked through and, once it is acceptable to all the participants, finally signed.

The interior of the K5 military complex does not reveal anything about the fact that soon it is going to host what is perhaps the most important international military intelligence-centered institution in the world. If there were not more locking systems than usual, signs warning about security areas, and other features, this old building could be mistaken as an office of an advertising firm, for example. There are only long corridors and conference rooms. There are not many machines with blinking lights, and those giant screens where you can see all the flashes and moving dots from all the continents of the world – like in a James Bond movie – are nowhere to be seen.

The planned center is actually going to be more like an academic institution, where research and development work will be done and NATO strategic doctrines about cyber defense will be composed.

Whenever some of the partner states from the defense alliance are having problems with their communications systems and computer networks, the specialists from Tallinn can always go on a plane and fly there to help. For future NATO cyber defense trainings, the complicated scenarios with the technical components and geopolitical background information will be put together in Tallinn.

Geers says that Estonia should be appreciated for launching the center. “Pretty soon there will be German, Spanish, Italian, and other specialists working together in this building. I hope that it is going to be exceptionally powerful. It is a completely new thing that has never been seen before.”

Hillar Aarelaid, who was leading the defense against the cyber attacks directed towards Estonia last spring, says that he has met Geers twice, once for fifteen minutes and another time for only seven minutes. “He is a serious, business-like, and sensible man,” he states, but he refrains from characterizing the U.S. expert more closely.

A specialist on Russia and the Middle East

Kenneth Geers, of course, is no rival to Bill Gates or Steve Jobs when it comes to fame in the IT world, but he has made his name in the more narrow area of specialists. He has conducted a number of interesting presentations at events where experts in cyber security and hacking come together. For example, his presentation on the cyber war between Israel and Palestine, which was held three years ago at a Defcon-conference, is available for everyone on the Internet. It is a rather detailed analysis that speaks about the attack methods as well as the identities of the attackers and on which sites they communicate to each other. For Estonia, though, the subject of interest should be Geers' presentation about the characteristics of the Russian hacking world.

The man visited Estonia at the beginning of summer as well, when Estonian Government institutions and media channels were suffering from massive denial of service attacks. Geers says that he does not know the person responsible for the attacks. “In case of a cyber attack it is very difficult to find the real source, even when there is a lot of indirect evidence. It would make sense to bet that there were pro-Russian forces involved, though. These could be students or organized groups.”

At the same time, there is not much hope of finding the guilty parties because, in Geers' words, the cases last for such a long time. “There have been examples of cyber espionage in the United States that have been investigated for years and years, if not for a decade. No one has been caught. It is more important to be prepared for the next attack.”

Geers happened to watch the movie Die Hard 4 during a plane flight. In this movie a cyber attack throws a city into chaos. Is it a realistic scenario? “No, I would not say so. But there are problems involved. For decades, when critical infrastructure was being developed, security issues were not taken into account, for example in the case of electricity networks.”