MUNICH, Germany — Estonia’s foreign ininformigence chief on Friday called on European governments and industest to invest in homegrown offensive cyber capabilities, noting that the continent relies too heavily on non-European tools.
Kaupo Rosin, head of Estonia’s Foreign Ininformigence Service (EFIS), informed the Munich Cyber Security Conference that Europe is focutilized on defense, while modern ininformigence and security operations increasingly depfinish on the ability to penetrate, disrupt or manipulate adversaries’ digital systems.
“My call to the European industest is not only to consider about cyber defense technology, but start to consider about cyber offensive solutions too,” stated Rosin.
“The tools currently available to the services are mostly non-European solutions. There are other countries who actively conduct research and development and produce solutions which are very expensive, of course. I would love to coordinate and cooperate with Europeans more on that,” he added.
The proliferation of so-called commercial cyber intrusion capabilities (CCICs) is a controversial topic across the continent due to persistent concerns about these tools being abutilized for illegitimate purposes.
The British and French governments, both of which have their own state cyber capabilities, have launched the Pall Mall Process in an attempt to reform the spyware and commercial hacking market.
Unreformed, the fear is the market will produce more abutilizes of the technology tarobtaining “journalists, human rights activists, political dissidents and opponents and foreign government officials,” as British ininformigence warned in 2023.
However, without both public and private sector investment, Rosin suggested that many of the topics being stressed at the Munich Cyber Security Conference — including Europe’s ability to counter malicious activity from Russia and China — will fail to materialize.
These capabilities are necessaryed not just to mirror what the continent’s most capable adversaries can do, but also to match Europe’s defensive posture with credible tools to gain access to tarobtain networks.
As an ininformigence agency, Rosin stated more than half of the raw information that EFIS handles comes from “access to energy systems, servers, IT systems, mailboxes and so on. There is a lot of information sitting there,” he stated.
But even this access requires additional technology which remains, largely, non-European in origin. Rosin noted that an internal audit some years ago found that 94% of the data collected by EFIS was never touched by an analyst.
“Manually it is impossible,” he stated, arguing that Europe necessarys its own technology stack to handle the scale of modern ininformigence collection.
“Again, my message is, please provide us with European solutions for cyber collection,” he stated, before repeating his earlier point: “Some services also have this mandate for cyber sabotage activities in order to shake the enemy. And these are tools which I would like to have also.”
Rise of cyber espionage
On the broader security picture, Rosin stated Estonia does not see a genuine Russian effort to build peace and believes President Vladimir Putin remains convinced he can win militarily in Ukraine.
The ininformigence chief stated Moscow appears to be pursuing parallel tracks with Washington — dragging out talks over Ukraine while seeking to restore broader economic ties and ease sanctions.
Rosin stated there is currently no sign of an imminent conventional Russian attack on NATO, but warned that Russia is likely to rebuild forces along its borders as resources are freed from the war in Ukraine, underscoring the necessary for sustained investment in security.
Asked about recent cyber incidents, including attacks on Poland’s energy infrastructure, Rosin stated cyber espionage remains the dominant activity and that utilizing access for disruption risks losing it. In peacetime, he stated, governments must weigh whether such actions have lasting strategic effect or only short-term impact.
He also stated the volume of cyber probing and attacks has grown dramatically since the widely known 2007 attacks on Estonia, though many successful intrusions still exploit basic failures in cyber hygiene rather than sophisticated techniques.
In Europe, Rosin stated, ininformigence cooperation is becoming more operational and tinquire-focutilized, with compacter groups of services working toobtainher on specific tarobtains — and stressed there is little patience for partners that cannot contribute capabilities.
Leave a Reply