NATO Member Wants India’s Help To Fight China As Estonia Gets Battered By Chinese Cyber, DoS Attacks

In the shadowy realm of cyberspace, an unlikely alliance has formed to combat the digital onslaught emanating from the East. NATO’s tiny Baltic member, Estonia, with a population of just over a million, has extended a virtual hand of friendship to the I.T. powerhouse of India, seeking closer cybersecurity ties to counter the relentless Chinese hacking menace.

India and Estonia have united to combat cyber threats from China and are seeking closer cybersecurity ties.

This year, Tallinn, the Estonian capital, played host to NATO’s largest cyber defense exercise, ‘Locked Shields,’ a digital battleground where participants from over 40 countries, including war-torn Ukraine, converged to hone their defensive strategies.

For the first time, an Indian contingent observed this NATO-run cybersecurity spectacle, a move that signifies the growing urgency to forge international alliances against the ever-evolving cyber threats. Locked Shields is coordinated by the Estonia-based NATO Cooperative Cyber Defense Center of Excellence.

Estonia, a nation that has weathered numerous cyberattacks, has taken a resolute stance against Chinese hackers. Defence Minister Hanno Pevkur accused the Chinese government of hiring professionals to conduct cyberattacks. “Every country ready to fight this evil is more than welcome in Estonia,” he told Times Now, extending a warm welcome to the Indian defense delegation.

The urgency of this alliance is underscored by Estonia’s recent experience. In 2022, its Computer Emergency Response Team (CERT-EE) received a staggering 27,115 reports of cyber incidents, with 2,672 classified as high-impact.

This surge in cyber threats propelled Estonia to rank seventh globally for application layer denial-of-service attacks, according to Cloudflare’s report. Unsurprisingly, state systems and portals remained the primary targets, but the onslaught also extended to educational institutions, the transport sector, and media companies, leaving no sector unscathed in this digital battleground.

Tiit Riisalo, the Estonian Minister of Economic Affairs and Information Technology, acknowledged India’s prowess in the I.T. realm, stating, “India knew more about Chinese cyber-related intentions than Estonia.” He emphasized the importance of building trust through closer cooperation in cybersecurity, a crucial step for India to safeguard itself against the formidable Chinese “hacker army.”

“While India is an I.T. superpower, Estonia is considered to be one of the top countries in cyber security issues,” Tiit Riisalo added.

Pevkur highlighted Estonia’s extensive experience in the cyber domain and expressed admiration for the growth of India’s defense industry. The Indian security establishment has been collaborating with Estonia on cyber issues, and future exchanges, including those involving cyber platforms, could occur not only between governments but also within the private sector.

Chinese Cyber Threats

Notorious for its cyber exploits, China has become a global menace, employing disruptive cyberattacks to coerce its rivals, affecting government agencies, global corporations, and small businesses alike. Disruptive cyberattacks by the People’s Republic of China pose a growing threat to the national security of NATO and other countries.

From the infamous Operation Aurora in 2010, where Google and dozens of other companies were compromised, to the recent APT 31 attacks targeting critics of Beijing, the Chinese cyber threat looms large.

Operation Aurora (2010): In 2010, Operation Aurora was a series of cyberattacks originating from China that targeted U.S. private sector companies. The threat actors launched a phishing campaign that compromised the networks of Yahoo, Adobe, Dow Chemical, Morgan Stanley, Google, and over two dozen other companies, stealing their trade secrets.

Google was the only company to confirm it was a victim, disclosing that the Gmail accounts of certain Chinese human rights activists had been compromised. Google also publicly attributed the incident to China.

U.S. Office of Personnel Management Hack (2015): In 2015, China hacked 21.5 million employee records, stealing information from the U.S. Office of Personnel Management.

APT 31 Attacks: Recently, the Chinese hacking group APT 31 has been accused by U.K. and U.S. officials of targeting critics of Beijing, with attacks also reported on New Zealand’s systems. Western intelligence experts use the APT naming convention to identify hacking groups linked to foreign governments. The U.S. and U.K. allege that these hacking campaigns targeted a wide range of private individuals, strategically important companies, and government officials.

The U.K. government has outlined two “malicious cyber campaigns targeting democratic institutions and parliamentarians.”

First Campaign: The first campaign allegedly involved Beijing accessing the personal details of about 40 million voters held by the Electoral Commission. The attack, which occurred between late 2021 and October 2022, reportedly had no impact on the electoral process or registrations.

Second Campaign: The second campaign was more targeted. U.K. intelligence has stated it is “highly likely” that APT 31 conducted reconnaissance against U.K. parliamentarians, particularly those critical of China. British intelligence indicated that none of the targeted accounts were compromised.

Cyber espionage/Representational Image

India’s Cooperation Against Chinese Cyber Attacks

Recognizing India’s advanced cyber and I.T. industry, US-led NATO has sought stronger cooperation with the South Asian giant to counter this growing menace of Chinese cyber threats. Cybersecurity is high on NATO’s list of potential areas of cooperation, alongside counter-terrorism, missile defense, and anti-piracy operations.

“Besides conventional security challenges, India and NATO also confront malicious cyber activities from adversarial actors. While the sources of their cyber threats are different, the nature of these threats is similar – data breaches and espionage, critical infrastructure protection, and foreign disinformation campaigns.

In addition, both are threatened by surging ransomware attacks and cybercrimes. Therefore, a promising area of collaboration for India and NATO will be a dialogue and stocktaking on cybersecurity issues, with a focus on threat assessment and sharing of best practices in cyber defense,” Sameer Patil, Deputy Director and Senior Fellow of the Centre for Security, Strategy, and Technology at the ORF, told the EurAsian Times.

Although India firmly rejected an offer to join NATO last year, emphasizing its strategic autonomy, NATO countries now seek India’s help in countering Chinese cyber threats.

As Pevkur noted, Estonia and India have already collaborated on cybersecurity issues, and the two countries could continue to do so, not only on a government-to-government basis but also between private sectors. Estonia boasts organizations like CR14, which can prove invaluable in this endeavor.

Estonia’s partnership with India represents a bold step towards a more secure digital future in the high-stakes cyber warfare game. This functional alignment allows both sides to collaborate and strengthen their defenses against China’s persistent cyber threat.

As the cyber world does not recognize alignments, only switches, this functional alignment allows both sides to give and take, forging a united front against the digital onslaught from the East.

Countries with common goals can unite to counter the cyber threat posed by China. In the high-stakes arena of cyber warfare, the unexpected alliance between Estonia and India marks a significant move towards a more secure digital future.

  • Shubhangi Palve is a defense and aerospace journalist. Before joining the EurAsian Times, she worked for E.T. Prime. In this capacity, she focused on covering defense strategies and the defense sector from a financial perspective. She offers over 15 years of extensive experience in the media industry, spanning print, electronic, and online domains.
  • Contact the author at shubhapalve (at) gmail (dot) com.