"Volunteer Cyber Army Emerges In Estonia"

STEVE INSKEEP, Host:

In recent months, we've been reporting on this program, about a growing threat facing many countries - cyber attacks. And today we're going to hear about the first country that actually experienced a cyber war - the Baltic nation of Estonia. In 2007, government, financial and media computer networks were hit by a series of paralyzing attacks. Estonian authorities suspect Russia was responsible. Now, Estonia is a model for how a country might defend itself. NPR's Tom Gjelten reports.

TOM GJELTEN: The government has organized what it calls a Total Defense League, mostly civilians, ready to mobilize in the event of any foreign threat. Jaak Aaviksoo is Estonia's defense minister.

JAAK AAVIKSOO: Insurgent activity against an occupying force sits deep in the Estonian understanding of fighting back. And I think that builds the foundation for understanding total defense in the case of Estonia.

GJELTEN: Defense Minister Jaak Aaviksoo, interviewed while visiting Washington recently, says an elite division of the country's Total Defense League is dedicated to cyber security.

AAVIKSOO: We have created a Cyber Defense League that brings together people, specialists in cyber defense, who work in the private sector, as well as in different government agencies. They bring it together to prepare for possible cyber contingencies.

GJELTEN: Defense Minister Aaviksoo says it's so important for Estonia to have a skilled cyber army that the authorities there may even institute a draft to make sure every cyber expert in the country is available in a true national emergency.

AAVIKSOO: We are thinking of introducing this conscript service, a cyber service. This is an idea that we've been playing around. We don't have neither the mechanisms nor laws in place for that. But that might be one option.

GJELTEN: Stewart Baker tried to coordinate cyber defense efforts at the Department of Homeland Security under President George W. Bush. A Cyber Defense League like Estonia's, he says, would've been really helpful.

STEWART BAKER: It means people are keeping their skills up to date in the private sector, and those skills can be called on in an emergency, which is the only time the government really needs all of them. That's a very sensible approach. And I wish we had the same kind of relationship with our IT sector that they obviously have with theirs.

GJELTEN: But Stewart Baker says it's been hard in the United States to promote public- private collaboration in cybersecurity.

BAKER: The people who work in IT in the U.S. tend to be quite suspicious of government. Maybe they think that they're so much smarter than governments that they'll be able to handle an attack on their own. But there's a standoffishness that makes it much harder to have that kind of easy confidence that you can call on people in an emergency and that they'll be respond.

GJELTEN: Estonia's firsthand experience with cyber war has probably made it easier for authorities there to implement innovative security measures, from its Cyber Defense League to a new requirement for using digital IDs to carry out many online transactions. Many countries would face resistance to such efforts.

NATO: Tom Gjelten, NPR News, Washington.

(SOUNDBITE OF MUSIC)

INSKEEP: It's MORNING EDITION, from NPR News.