Estonia is the first member state in the European Union that might be called Extremely Online. Over the past decade, the Baltic republic of 1.3 million people fully digitized its government services and medical data. More than 30 percent of Estonians voted online in the last elections, and most critical databases don’t have paper backups. To sleep a little better at night, the country has recruited volunteer hackers to respond to the kinds of electronic attacks that have flummoxed the U.S. and other countries in recent years. While many are civilians, these men and women, numbering in the low hundreds, have security clearances and the training to handle such attacks. Their sturdy, bearded commander, Andrus Padar, previously a military reservist and policeman, says the threat is taken as a given: “We have a neighbor that guarantees we will not have a boring life.”
Padar’s militia of amateur IT workers, economists, lawyers, and other white-hat types are grouped in the city of Tartu, about 65 miles from the Russian border, and in the capital, Tallinn, about twice as far from it. The volunteers, who’ve inspired a handful of similar operations around the world, are readying themselves to defend against the kind of sustained digital attack that could cause mass service outages at hospitals, banks, and military bases, and with other critical operations, including voting systems. Officially, the team is part of Estonia’s 26,000-strong national guard, the Defense League.
The additional support is welcome. Estonia’s Information System Authority says its volume of cybersecurity cases, including malware-spreading web domains and emails, rose to about 11,000 in 2017, a 20 percent jump from the year before. In 2016 hackers linked to Russian military intelligence allegedly infiltrated the network of the nation’s largest shale oil producer. (Russia has denied ordering any attack.) “We have been very, very keen on collaborating with them,” says Uku Sarekanno, the information agency’s deputy director general, of Padar’s group.