In its official English-language presentation, the digital government agency e-Estonia plays with the country code, EST: honest, coolest, highest, fastest, modest... Although the northernmost of the Baltic States has 1.3 million inhabitants and a surface area of 45,339 km², it is also one of the world's giants. In the space of a few decades, a determined government policy has taken Estonia to global heights in a number of digital fields, particularly cybersecurity. This is what prompted the IHEDN to send auditors from the Digital Sovereignty and Cybersecurity major of the national session on a mission there last week.
In Tallinn, the capital, delivery robots can be seen on the pavements, waiting patiently for the pedestrian lights to turn green before crossing the road. The country's digital tropism did not come out of nowhere. During the Soviet era (1940-1991), the USSR chose Estonia as the location for its Cybernetics Institute back in the 1950s. After independence in 1991, the government continued in this direction. Today, 99.6% of banking transactions and 99% of administrative procedures are carried out online - such as taxes since 2000, marriage since 2022, and even divorce by the end of this year.
The birthplace of Skype and Bolt now has 1,500 start-ups, including 10 unicorns (valued at over $1 billion) and one decacorn (valued at over $10 billion). Digital services and new technologies are therefore among the main economic resources of the "Silicon Forrest", along with timber. And if Estonia excels in cybersecurity, it is undoubtedly also due to Moscow's action.
MASSIVE CYBER ATTACKS IN 2007
The country still has a large Russian-speaking minority (21.6% in 2024), mainly in the east, along the border with its gigantic Eurasian neighbour. In early 2007, the government decided to move a monumental statue of a Soviet soldier from a central location in Tallinn to a military cemetery. This decision provoked riots among Russian speakers, as well as a series of cyber-attacks that had a major impact on the country.
From 27 April onwards, dozens of Estonian websites "went down", most of them victims of distributed denial of service (DDoS) attacks: the portals of ministries, parliament, banks, newspapers and television channels, etc. The Estonian Internet was down, but the country's small size and the familiarity between the leaders of the entities attacked enabled a rapid, coordinated response.
Russia has never acknowledged its involvement in this case, and no one has been able to certify it. Only a Russian-speaking Estonian has been convicted. But this series of cyber attacks has been extensively studied by specialists around the world, and the consensus today is that it was "tolerated by the Kremlin, if not actively coordinated by its leaders", as the American magazine Wired, a benchmark in the digital sector, sums up.
THE TALLINN MANUAL WRITES THE INTERNATIONAL LAW OF CYBER WARFARE
In response, the Baltic government is strengthening national cyber security: the venerable Estonian Defence League, a paramilitary organisation founded in 1918, has set up a cyber defence branch. Government servers are now all located in Estonia, with back-ups in Luxembourg. And the country is going even further: it is proposing to NATO, which Estonia joined in 2004 (the same year as the European Union), that it host a centre of excellence dedicated to cyber defence.
Created in May 2008 in Tallinn, the NATO Cooperative Cyber Defence Centre of Excellence (CCDCoE) now has 39 members, 7 of whom are not members of the Atlantic Alliance (Austria, Australia, Ireland, Japan, South Korea, Switzerland and Ukraine, which was a candidate in 2021 and joined in March 2022). Of NATO's 28 centres of excellence, the CCDCoE has the most members.
The CCDCoE is gradually doing for digital law what the International Committee of the Red Cross did for international humanitarian law in the 19th century with the Geneva Conventions. The Tallinn Manual on the Applicability of International Law to Cyber Operations aims to transpose to cyber weapons the rules of international law applicable to the use of conventional weapons in times of conflict.
Drafted, at the invitation of the CCDCoE, by teams of volunteer lawyers from around the world, the Tallinn Manual is due to publish its third review in 2026.
"LOCKED SHIELDS", THE WORLD'S LARGEST CYBER DEFENCE EXERCISE
Since 2010, the CCDCoE has organised the annual Locked Shields, the world's largest cyber defence exercise. One team, the Reds, mounts a cyber attack, combining manual and automated processes, which the Blue teams must thwart. The 14th edition, held in Tallinn on 24 and 25 April, brought together more than 4,000 experts from 41 countries.
"The aim of the exercise is to help our nations to develop, in coalition, their capabilities to deal with cyber threats", explains the director of the CCDCoE since 2022, the academic Mart Noorma, who has a doctorate in science and technology and is also a volunteer in the Estonian Defence League.
At this year's event, the three teams that scored the most points were a Latvian team allied with agents from NATO organisations, a Finnish-Polish team and a Franco-Estonian team. An example of the close collaboration between our two countries, which have been linked since May 2016 by a cooperation agreement in the field of cyber security.
THE TALLINN MECHANISM: CYBER SUPPORT FOR UKRAINE
On 20 December 2023, ten countries launched an initiative to support Ukraine called the Tallinn Mechanism: Canada, Denmark, Estonia, France, Germany, the Netherlands, Poland, Sweden, the United Kingdom and the United States.
Where previously each country acted individually, the aim is now to coordinate and facilitate "the strengthening of civilian cybersecurity capabilities, in order to help Ukraine uphold its fundamental right to self-defence in cyberspace and to meet its longer-term cyber resilience needs", according to the Quai d'Orsay.
The Tallinn Mechanism is the outcome of a discussion launched in May 2023 in the Estonian capital, and is therefore not a military cooperation mechanism: "The Mechanism's areas of action are intended to be distinct from but complementary to efforts to strengthen military cybersecurity capabilities and civil digital development efforts", explains the French Ministry of Europe and Foreign Affairs. The military dimension, which has been supported since April 2022 by the 54 member states of the Ukraine Defence Contact Group (or "Ramstein Group"), already includes a sub-group dedicated to information technologies. Estonia is co-piloting it with Luxembourg.
In addition to the ten countries participating in the Tallinn Mechanism, NATO and the EU are involved as observers. An Estonian office is already active in Kiev, in addition to a back office based in Warsaw. Technology companies and digital NGOs are also involved.