Currently released so far... 97115 / 251,287
Articles
Brazil
Sri Lanka
United Kingdom
Sweden
00. Editorial
United States
Latin America
Egypt
Jordan
Yemen
Thailand
Browse latest releases
2010/12/01
2010/12/02
2010/12/03
2010/12/04
2010/12/05
2010/12/06
2010/12/07
2010/12/08
2010/12/09
2010/12/10
2010/12/11
2010/12/12
2010/12/13
2010/12/14
2010/12/15
2010/12/16
2010/12/17
2010/12/18
2010/12/19
2010/12/20
2010/12/21
2010/12/22
2010/12/23
2010/12/25
2010/12/26
2010/12/27
2010/12/28
2010/12/29
2010/12/30
2011/01/01
2011/01/02
2011/01/04
2011/01/05
2011/01/07
2011/01/09
2011/01/11
2011/01/12
2011/01/13
2011/01/14
2011/01/15
2011/01/16
2011/01/17
2011/01/18
2011/01/19
2011/01/20
2011/01/21
2011/01/22
2011/01/23
2011/01/24
2011/01/25
2011/01/26
2011/01/27
2011/01/28
2011/01/29
2011/01/30
2011/01/31
2011/02/01
2011/02/02
2011/02/03
2011/02/04
2011/02/05
2011/02/06
2011/02/07
2011/02/08
2011/02/09
2011/02/10
2011/02/11
2011/02/12
2011/02/13
2011/02/14
2011/02/15
2011/02/16
2011/02/17
2011/02/18
2011/02/19
2011/02/20
2011/02/21
2011/02/22
2011/02/23
2011/02/24
2011/02/25
2011/02/26
2011/02/27
2011/02/28
2011/03/01
2011/03/02
2011/03/03
2011/03/04
2011/03/05
2011/03/06
2011/03/07
2011/03/08
2011/03/09
2011/03/10
2011/03/11
2011/03/13
2011/03/14
2011/03/15
2011/03/16
2011/03/17
2011/03/18
2011/03/19
2011/03/20
2011/03/21
2011/03/22
2011/03/23
2011/03/24
2011/03/25
2011/03/26
2011/03/27
2011/03/28
2011/03/29
2011/03/30
2011/03/31
2011/04/01
2011/04/02
2011/04/03
2011/04/04
2011/04/05
2011/04/06
2011/04/07
2011/04/08
2011/04/09
2011/04/10
2011/04/11
2011/04/12
2011/04/13
2011/04/14
2011/04/15
2011/04/16
2011/04/17
2011/04/18
2011/04/19
2011/04/20
2011/04/21
2011/04/22
2011/04/23
2011/04/24
2011/04/25
2011/04/26
2011/04/27
2011/04/28
2011/04/29
2011/04/30
2011/05/01
2011/05/02
2011/05/03
2011/05/04
2011/05/05
2011/05/06
2011/05/07
2011/05/09
2011/05/10
2011/05/11
2011/05/12
2011/05/13
2011/05/14
2011/05/15
2011/05/16
2011/05/17
2011/05/18
2011/05/19
2011/05/20
2011/05/21
2011/05/22
2011/05/23
2011/05/24
2011/05/25
2011/05/26
2011/05/27
2011/05/28
2011/05/29
2011/05/30
2011/05/31
2011/06/01
2011/06/02
2011/06/03
2011/06/04
2011/06/05
2011/06/06
2011/06/07
2011/06/08
2011/06/09
2011/06/10
2011/06/11
2011/06/12
2011/06/13
2011/06/14
2011/06/15
2011/06/16
2011/06/17
2011/06/18
2011/06/19
2011/06/20
2011/06/21
2011/06/22
2011/06/23
2011/06/24
2011/06/25
2011/06/26
2011/06/27
2011/06/28
2011/06/29
2011/06/30
2011/07/01
2011/07/02
2011/07/04
2011/07/05
2011/07/06
2011/07/07
2011/07/08
2011/07/10
2011/07/11
2011/07/12
2011/07/13
2011/07/14
2011/07/15
2011/07/16
2011/07/17
2011/07/18
2011/07/19
2011/07/20
2011/07/21
2011/07/22
2011/07/23
2011/07/25
2011/07/27
2011/07/28
2011/07/29
2011/07/31
2011/08/01
2011/08/02
2011/08/03
2011/08/05
2011/08/06
2011/08/07
2011/08/08
2011/08/10
2011/08/11
2011/08/12
2011/08/13
2011/08/15
2011/08/16
2011/08/17
2011/08/19
2011/08/21
2011/08/22
2011/08/23
2011/08/24
2011/08/25
Browse by creation date
Browse by origin
Embassy Athens
Embassy Asuncion
Embassy Astana
Embassy Asmara
Embassy Ashgabat
Embassy Apia
Embassy Antananarivo
Embassy Ankara
Embassy Amman
Embassy Algiers
Embassy Addis Ababa
Embassy Accra
Embassy Abuja
Embassy Abu Dhabi
Embassy Abidjan
Consulate Auckland
Consulate Amsterdam
Consulate Alexandria
Consulate Adana
American Institute Taiwan, Taipei
Embasy Bonn
Embassy Bujumbura
Embassy Buenos Aires
Embassy Budapest
Embassy Bucharest
Embassy Brussels
Embassy Bridgetown
Embassy Brazzaville
Embassy Bratislava
Embassy Brasilia
Embassy Bogota
Embassy Bishkek
Embassy Bern
Embassy Berlin
Embassy Belmopan
Embassy Belgrade
Embassy Beirut
Embassy Beijing
Embassy Banjul
Embassy Bangui
Embassy Bangkok
Embassy Bandar Seri Begawan
Embassy Bamako
Embassy Baku
Embassy Baghdad
Consulate Belfast
Consulate Barcelona
Embassy Cotonou
Embassy Copenhagen
Embassy Conakry
Embassy Colombo
Embassy Chisinau
Embassy Caracas
Embassy Canberra
Embassy Cairo
Consulate Curacao
Consulate Ciudad Juarez
Consulate Chiang Mai
Consulate Chennai
Consulate Chengdu
Consulate Casablanca
Consulate Cape Town
Consulate Calgary
Embassy Dushanbe
Embassy Dublin
Embassy Doha
Embassy Djibouti
Embassy Dili
Embassy Dhaka
Embassy Dar Es Salaam
Embassy Damascus
Embassy Dakar
DIR FSINFATC
Consulate Dusseldorf
Consulate Durban
Consulate Dubai
Consulate Dhahran
Embassy Guatemala
Embassy Grenada
Embassy Georgetown
Embassy Gaborone
Consulate Guayaquil
Consulate Guangzhou
Consulate Guadalajara
Embassy Helsinki
Embassy Harare
Embassy Hanoi
Consulate Hong Kong
Consulate Ho Chi Minh City
Consulate Hermosillo
Consulate Hamilton
Consulate Hamburg
Consulate Halifax
Embassy Kyiv
Embassy Kuwait
Embassy Kuala Lumpur
Embassy Kolonia
Embassy Kinshasa
Embassy Kingston
Embassy Kigali
Embassy Khartoum
Embassy Kathmandu
Embassy Kampala
Embassy Kabul
Consulate Krakow
Consulate Kolkata
Consulate Karachi
Consulate Kaduna
Embassy Luxembourg
Embassy Lusaka
Embassy Luanda
Embassy London
Embassy Lome
Embassy Ljubljana
Embassy Lisbon
Embassy Lima
Embassy Lilongwe
Embassy Libreville
Embassy La Paz
Consulate Leipzig
Consulate Lahore
Consulate Lagos
Mission USOSCE
Mission USNATO
Mission UNESCO
Mission Geneva
Embassy Muscat
Embassy Moscow
Embassy Montevideo
Embassy Monrovia
Embassy Mogadishu
Embassy Minsk
Embassy Mexico
Embassy Mbabane
Embassy Maseru
Embassy Maputo
Embassy Manila
Embassy Manama
Embassy Managua
Embassy Malabo
Embassy Madrid
Consulate Munich
Consulate Mumbai
Consulate Montreal
Consulate Monterrey
Consulate Milan
Consulate Merida
Consulate Melbourne
Consulate Matamoros
Consulate Marseille
Embassy Nouakchott
Embassy Nicosia
Embassy Niamey
Embassy New Delhi
Embassy Ndjamena
Embassy Nassau
Embassy Nairobi
Consulate Nuevo Laredo
Consulate Naples
Consulate Naha
Consulate Nagoya
Embassy Pristina
Embassy Pretoria
Embassy Praia
Embassy Prague
Embassy Port Of Spain
Embassy Port Moresby
Embassy Port Louis
Embassy Port Au Prince
Embassy Podgorica
Embassy Phnom Penh
Embassy Paris
Embassy Paramaribo
Embassy Panama
Consulate Ponta Delgada
Consulate Peshawar
REO Mosul
REO Kirkuk
REO Hillah
REO Basrah
Embassy Rome
Embassy Riyadh
Embassy Riga
Embassy Reykjavik
Embassy Rangoon
Embassy Rabat
Consulate Rio De Janeiro
Consulate Recife
Secretary of State
Embassy Suva
Embassy Stockholm
Embassy Sofia
Embassy Skopje
Embassy Singapore
Embassy Seoul
Embassy Sarajevo
Embassy Santo Domingo
Embassy Santiago
Embassy Sanaa
Embassy San Salvador
Embassy San Jose
Consulate Surabaya
Consulate Strasbourg
Consulate St Petersburg
Consulate Shenyang
Consulate Shanghai
Consulate Sapporo
Consulate Sao Paulo
Embassy Tunis
Embassy Tripoli
Embassy Tokyo
Embassy Tirana
Embassy The Hague
Embassy Tel Aviv
Embassy Tehran
Embassy Tegucigalpa
Embassy Tbilisi
Embassy Tashkent
Embassy Tallinn
Consulate Toronto
Consulate Tijuana
Consulate Thessaloniki
USUN New York
USMISSION USTR GENEVA
USEU Brussels
US Office Almaty
US Mission Geneva
US Mission CD Geneva
US Interests Section Havana
US Delegation, Secretary
US Delegation FEST TWO
UNVIE
UN Rome
Embassy Ulaanbaatar
Embassy Vilnius
Embassy Vientiane
Embassy Vienna
Embassy Vatican
Embassy Valletta
Consulate Vladivostok
Consulate Vancouver
Browse by tag
AF
ADANA
ASEC
AFIN
AMGT
AE
AORC
AID
AR
AO
AU
ASEAN
AGOA
AFGHANISTAN
AFFAIRS
AMED
APER
ASECARP
APEC
AEMR
AS
AA
ANET
AFLU
ABLD
AL
ASUP
AJ
APECO
AMER
ABUD
AODE
AM
AFSN
AESC
AND
AG
ALOW
AROC
AVIANFLU
ATRN
ACOA
AEGR
AMGMT
AADP
AFSI
ACABQ
APRM
AZ
AIDS
ASE
AGAO
ADCO
ABDALLAH
ARF
AIDAC
ACOTA
ASCH
AC
ASEG
AGR
ACS
AMCHAMS
AN
AMIA
ASIG
ADPM
ADB
ANARCHISTS
ALOWAR
ARM
AUC
AINF
AINT
AORG
AY
AVIAN
AMEDCASCKFLO
AK
ARSO
ARABBL
ASO
ANTITERRORISM
ARABL
AOWC
AGRICULTURE
ALJAZEERA
AMTC
AFINM
AOCR
ABER
ARR
AFPK
ASSEMBLY
ASSK
AZE
AORCYM
AINR
AGMT
AEC
ACKM
APRC
AIN
ASCC
AFPREL
ASED
APERTH
ASFC
ASECTH
AFSA
AOMS
AORCO
ANTXON
ARC
AFAF
ADIP
AIAG
AFARI
AEMED
AORL
AX
ASECAF
AOPC
ASECAFIN
AFZAL
APCS
AMB
AGUIRRE
AEMRASECCASCKFLOMARRPRELPINRAMGTJMXL
AIT
ARCH
AMEX
ALI
AQ
ATFN
AMBASSADOR
AORCD
AVIATION
ARAS
AINFCY
ACBAQ
AOPR
AREP
ALEXANDER
ATRD
AEIR
AOIC
ABLDG
ASEX
AFR
ASCE
ATRA
ASEK
AER
ALOUNI
AMCT
AVERY
APR
AMAT
AEMRS
ASPA
AFU
AMG
ATPDEA
ALL
AECL
ACAO
ASECKFRDCVISKIRFPHUMSMIGEG
AORD
AFL
AME
ADM
ASECPHUM
AGIT
ABT
ASECVE
AGUILAR
AT
ABMC
ALZUGUREN
ANGEL
ASR
ANTONIO
BMGT
BEXP
BM
BG
BL
BA
BR
BTA
BO
BY
BBSR
BLUE
BK
BF
BTIO
BELLVIEW
BE
BU
BN
BH
BD
BC
BTC
BILAT
BT
BX
BRUSSELS
BP
BB
BRPA
BUSH
BURMA
BMENA
BESP
BIT
BBG
BGD
BMEAID
BAGHDAD
BEN
BIO
BMOT
BWC
BLUNT
BURNS
BUT
BGMT
BAIO
BCW
BOEHNER
BFIF
BOL
BASHAR
BIMSTEC
BOU
BIDEN
BZ
BFIN
BTRA
BI
BHUM
BOIKO
BERARDUCCI
BOUCHAIB
BORDER
BEXPC
BTIU
BTT
BIOS
BEXB
BGPGOV
BOND
BLR
CE
CG
CH
CVR
CASC
CU
CI
CD
CO
CDG
CB
CJAN
CPAS
COM
CVIS
CMGT
CT
CENTCOM
CNARC
CTERR
COUNTER
CHIEF
CDC
CTR
CBW
COUNTRY
CLEARANCE
CY
CA
CM
CS
CWC
CN
CITES
CF
CWG
CIVS
CFIS
CASCC
CROATIA
CONS
COUNTERTERRORISM
CASA
COE
CJ
CHR
CODEL
CR
CBC
CACS
CHERTOFF
CAS
CONTROL
CONDITIONS
CONDOLEEZZA
CITEL
CV
CLINTON
CHG
CZ
CON
CTBT
CEN
CRIMES
COMMERCE
CLOK
CRISTINA
CFED
CARC
CND
CTM
CARICOM
COUNTRYCLEARANCE
CBTH
CHINA
CSW
CICTE
CJUS
CYPRUS
CW
CAMBODIA
CENSUS
CIDA
CRIME
CBG
CBE
CMGMT
CAIO
CEC
CARSON
CPCTC
CEDAW
COMESA
CVIA
CWCM
CEA
COSI
CAPC
CGEN
COPUOS
CGOPRC
COETRD
CKGR
CFE
CQ
CITT
CIC
CARIB
CVIC
CLO
CAFTA
CVISU
CHRISTOPHER
CACM
CIAT
CDB
CIS
CUL
CHAO
CNC
CL
CSEP
COMMAND
CENTER
COL
CAN
CAJC
CUIS
CONSULAR
CLMT
CIA
CBSA
CEUDA
CAC
CROS
CIO
CPUOS
CKOR
CVPR
CONG
CONTROLS
CEPTER
CVISCMGTCASCKOCIASECPHUMSMIGKIRF
CDCE
DPOL
DEMARCHE
DHS
DR
DA
DISENGAGEMENT
DEMOCRATIC
DEFENSE
DJ
DY
DARFUR
DHRF
DEA
DTRO
DPRK
DO
DARFR
DOC
DRL
DK
DOJ
DTRA
DOMESTIC
DAC
DOD
DEAX
DIEZ
DEOC
DELTAVIOLENCE
DCOM
DMINE
DRC
DCG
DPKO
DOMESTICPOLITICS
DE
DB
DOT
DEPT
DOE
DHLAKAMA
DHSX
DS
DKEM
DAO
DCM
DANIEL
DEM
DAVID
DCRM
ETRD
EAGR
ETTC
EAID
ECON
EFIN
ECIN
EINV
ELAB
EAIR
ENRG
EPET
EWWT
ECPS
EIND
EMIN
ELTN
EC
ETMIN
EUC
EZ
ET
ELECTIONS
ENVR
EU
EUN
EG
EINT
ER
ECONOMICS
ES
EMS
ENIV
EEB
EN
ECE
ECOSOC
EK
ENVIRONMENT
EFIS
EI
EWT
ENGRD
ECPSN
EXIM
EIAD
ERIN
ECPC
EDEV
ENGY
ECTRD
EPA
ESTH
ECCT
EINVECON
ENGR
ERTD
EUR
EAP
EWWC
ELTD
EL
EXIMOPIC
EXTERNAL
ETRDEC
ESCAP
ECO
EGAD
ELNT
ECONOMIC
ENV
ETRN
EIAR
EUMEM
ENRGPARMOTRASENVKGHGPGOVECONTSPLEAID
EREL
ECOM
ECONETRDEAGRJA
ETCC
ETRG
ECONOMY
EMED
ETR
ENERG
EITC
EFINOECD
EURM
EENG
ERA
EXPORT
ENRD
ECONEINVETRDEFINELABETRDKTDBPGOVOPIC
EGEN
EBRD
EVIN
ETRAD
ECOWAS
EFTA
ECONETRDBESPAR
EGOVSY
EPIN
EID
ECONENRG
EDRC
ESENV
ETT
EB
ENER
ELTNSNAR
ECHEVARRIA
ETRC
EPIT
EDUC
ESA
EFI
ENRGY
ESCI
EE
EAIDXMXAXBXFFR
EETC
ECIP
EIAID
EIVN
EBEXP
ESTN
EING
EGOV
ETRA
EPETEIND
ELAN
ETRDGK
EAIDRW
ETRDEINVECINPGOVCS
EPEC
ENVI
ELN
EAG
EPCS
EPRT
EPTED
ETRB
EUM
EAIDS
EFIC
EFINECONEAIDUNGAGM
EAIDAR
ESF
EIDN
ELAM
EDU
EV
EAIDAF
ECN
EDA
EXBS
EINTECPS
ENRGTRGYETRDBEXPBTIOSZ
EPREL
EAC
EINVEFIN
ETA
EAGER
EINDIR
ECA
ECLAC
ELAP
EITI
EUCOM
ECONEFINETRDPGOVEAGRPTERKTFNKCRMEAID
EARG
ELDIN
EINVKSCA
ENNP
EFINECONCS
EFINTS
ECCP
ETC
EAIRASECCASCID
EINN
ETRP
EAIDNI
EFQ
ECOQKPKO
EGPHUM
EBUD
ECONEINVEFINPGOVIZ
ENERGY
ELB
EINDETRD
EMI
ECONEFIN
EIB
EURN
ETRDEINVTINTCS
EIN
EFIM
ETIO
ELAINE
EMN
EATO
EWTR
EIPR
EINVETC
ETTD
ETDR
EIQ
ECONCS
EPPD
ENRGIZ
EISL
ESPINOSA
ELEC
EAIG
ESLCO
EUREM
ENTG
ERD
EINVECONSENVCSJA
EEPET
EUNCH
ECINECONCS
ETRO
ETRDECONWTOCS
ECUN
EFND
EPECO
EAIRECONRP
ERGR
ETRDPGOV
ECPN
ENRGMO
EPWR
EET
EAIS
EAGRE
EDUARDO
EAGRRP
EAIDPHUMPRELUG
EICN
ECONQH
EVN
EGHG
ELBR
EINF
EAIDHO
EENV
ETEX
ERNG
ED
FR
FREEDOM
FINREF
FJ
FI
FRELIMO
FOREIGN
FAA
FETHI
FAS
FTAA
FRB
FAO
FCS
FINANCE
FWS
FTA
FEMA
FDA
FLU
FRANCISCO
FBI
FORCE
FO
FARC
FK
FT
FCSC
FAC
FM
FMGT
FINV
FCSCEG
FARM
FERNANDO
FINR
FIN
FINE
FIR
FDIC
FOR
FOI
FCUL
FKLU
FMLN
FISO
FIXED
GM
GMUS
GG
GR
GE
GAZA
GT
GH
GZ
GJ
GLOBAL
GV
GABY
GOI
GA
GCC
GB
GY
GATT
GC
GUAM
GEORGE
GTIP
GOV
GOMEZ
GUTIERREZ
GL
GKGIC
GF
GU
GWI
GARCIA
GTMO
GN
GANGS
GIPNC
GAERC
GREGG
GUILLERMO
GASPAR
GERARD
GI
HK
HR
HUMANR
HUMAN
HO
HA
HUMANRIGHTS
HU
HHS
HIV
HUM
HRKAWC
HILLEN
HILLARY
HDP
HUMRIT
HSTC
HUMANITARIAN
HCOPIL
HADLEY
HURI
HL
HRETRD
HOURANI
HG
HARRIET
HESHAM
HI
HNCHR
HARRY
HRECON
HRC
HOSTAGES
HEBRON
HUMOR
HSWG
HYMPSK
HECTOR
HN
HYDE
HUD
HRPGOV
HIGHLIGHTS
ID
ILC
IS
IZ
ICAO
IMO
ITU
IR
IAEA
ICRC
IPROP
IT
IBRD
ISRAELI
IRAQI
ISSUES
ITRA
IV
IO
IGAD
IRAQ
IN
IMF
ICTR
ISCON
IADB
IDB
IEA
INR
IWC
ICCAT
ILO
INMARSAT
IOM
ICJ
IQ
ISPA
ITRD
IPR
INTELSAT
ISN
IAHRC
INTERNAL
IFAD
IICA
IHO
IRAN
IL
IRCE
IC
INTELLECTUAL
IRM
IE
ICTY
IDLI
IFO
ISCA
INF
INL
ISRAEL
INV
IBB
INFLUENZA
ISPL
ITER
ITIA
INRA
ISAF
IACHR
INTERPOL
IFR
IRS
INRB
IEF
ISAAC
ICC
INDO
IIP
IATTC
INAUGURATION
IND
INS
IZPREL
IACI
IEFIN
INNP
ILAB
IA
IMTS
ITALY
ITALIAN
IFIN
IRAJ
IX
ICG
IF
ITPHUM
ITA
IP
IACW
IK
IUCN
IZEAID
IRPE
IDA
ISLAMISTS
ITF
INRO
IBET
IDP
IRC
ISO
ICES
IRMO
ITPGOV
IQNV
IMSO
IRDB
IMET
INCB
IFRC
JA
JO
JP
JM
JCIC
JOHN
JE
JEFFERY
JS
JUS
JN
JOHNNIE
JAMES
JKUS
JOSEPH
JML
JAWAD
JSRP
JIMENEZ
JOSE
JKJUS
JK
JAPAN
KMDR
KPAO
KPKO
KJUS
KCRM
KGHG
KFRD
KWMN
KDEM
KTFN
KHIV
KGIC
KIDE
KSCA
KNNP
KHUM
KIPR
KSUM
KISL
KIRF
KCOR
KRCM
KPAL
KWBG
KN
KS
KOMC
KSEP
KFLU
KPWR
KTIA
KSEO
KMPI
KHLS
KICC
KSTH
KMCA
KVPR
KPRM
KE
KU
KZ
KFLO
KSAF
KTIP
KTEX
KBCT
KOCI
KOLY
KOR
KAWC
KACT
KUNR
KTDB
KSTC
KLIG
KSKN
KNN
KCFE
KCIP
KGHA
KHDP
KPOW
KUNC
KDRL
KV
KPREL
KCRS
KPOL
KRVC
KRIM
KGIT
KWIR
KT
KIRC
KOMO
KRFD
KUWAIT
KG
KFIN
KSCI
KTFIN
KFTN
KGOV
KPRV
KSAC
KGIV
KCRIM
KPIR
KSOC
KBIO
KW
KGLB
KMWN
KPO
KFSC
KSEAO
KSTCPL
KSI
KPRP
KREC
KFPC
KUNH
KCSA
KMRS
KNDP
KR
KICCPUR
KPPAO
KCSY
KTBT
KCIS
KNEP
KFRDCVISCMGTCASCKOCIASECPHUMSMIGEG
KNNB
KGCC
KINR
KPOP
KMFO
KENV
KNAR
KVIR
KDRG
KDMR
KFCE
KNAO
KDEN
KGCN
KICA
KIMMITT
KMCC
KLFU
KMSG
KSEC
KUM
KCUL
KMNP
KSMT
KCOM
KOMCSG
KSPR
KPMI
KRAD
KIND
KCRP
KAUST
KWAWC
KTER
KCHG
KRDP
KPAS
KITA
KTSC
KPAOPREL
KWGB
KIRP
KJUST
KMIG
KLAB
KTFR
KSEI
KSTT
KAPO
KSTS
KLSO
KWNN
KPOA
KHSA
KNPP
KPAONZ
KBTS
KWWW
KY
KJRE
KPAOKMDRKE
KCRCM
KSCS
KWMNCI
KESO
KWUN
KPLS
KIIP
KEDEM
KPAOY
KRIF
KGICKS
KREF
KTRD
KFRDSOCIRO
KTAO
KJU
KWMNPHUMPRELKPAOZW
KEN
KO
KNEI
KEMR
KKIV
KEAI
KWAC
KRCIM
KWCI
KFIU
KWIC
KCORR
KOMS
KNNO
KPAI
KBWG
KTTB
KTBD
KTIALG
KILS
KFEM
KTDM
KESS
KNUC
KPA
KOMCCO
KCEM
KRCS
KWBGSY
KNPPIS
KNNPMNUC
KWN
KERG
KLTN
KALM
KCCP
KSUMPHUM
KREL
KGH
KLIP
KTLA
KAWK
KWMM
KVRP
KVRC
KAID
KSLG
KDEMK
KX
KIF
KNPR
KCFC
KFTFN
KTFM
KPDD
KCERS
KMOC
KDEMAF
KMEPI
KEMS
KDRM
KEPREL
KBTR
KEDU
KNP
KIRL
KNNR
KMPT
KISLPINR
KTPN
KA
KJUSTH
KPIN
KDEV
KTDD
KAKA
KFRP
KWNM
KTSD
KINL
KJUSKUNR
KWWMN
KECF
KWBC
KPRO
KVBL
KOM
KFRDKIRFCVISCMGTKOCIASECPHUMSMIGEG
KEDM
KFLD
KLPM
KRGY
KNNF
KICR
KIFR
KM
KWMNCS
KAWS
KLAP
KPAK
KDDG
KCGC
KID
KNSD
KMPF
KPFO
KDP
KCMR
KRMS
KNPT
KNNNP
KTIAPARM
KDTB
KNUP
KPGOV
KNAP
KNNC
KUK
KSRE
KREISLER
KIVP
KQ
KTIAEUN
KPALAOIS
KRM
KISLAO
KWM
KFLOA
LE
LU
LH
LA
LG
LO
LY
LANTERN
LI
LABOR
LORAN
LTTE
LT
LAS
LAB
LAW
LVPR
LARREA
LEBIK
LAURA
LS
LOTT
LOVE
LR
LEON
LAVIN
LGAT
LV
LAOS
LOG
LN
LB
MOPS
MO
MARR
ML
MASS
MZ
MR
MNUC
MX
MV
MCC
MY
MEDIA
MTCRE
MG
MCAP
MOPPS
MP
MI
MK
MC
MD
MA
MU
MASC
MW
MT
MEPP
MN
MTCR
MH
MEPI
MIL
MNUCPTEREZ
MMAR
MICHAEL
MUNC
MDC
MPOS
MONUC
MAR
MGMT
MAS
MEPN
MENDIETA
MARIA
MONTENEGRO
MOOPS
MSG
MARITIME
MURRAY
MUKASEY
MOTO
MCA
MFO
MEX
MRSEC
MMED
MACP
MAAR
MINUSTAH
MCCONNELL
MAPP
MGT
MARQUEZ
MANUEL
MNUR
MCCAIN
MF
MOHAMMAD
MOHAMED
MNU
MFA
MILITANTS
MINORITIES
MTS
MLS
MILI
MIAH
MEETINGS
MERCOSUR
MED
MARAD
MNVC
MINURSO
MNUCUN
MIK
MARK
MBM
MPP
MILITARY
MAPS
MNUK
MILA
MTRRE
MACEDONIA
MICHEL
MASSMNUC
MUCN
MQADHAFI
MPS
MARRGH
MRCRE
MTRE
MORALES
MAP
MCTRE
MHUC
MOPSGRPARM
MOROCCO
MCAPS
NL
NU
NS
NI
NPT
NATO
NO
NG
NATEU
NSF
NZ
NAS
NP
NDP
NLD
NGO
NEPAD
NAFTA
NASA
NEA
NGUYEN
NIH
NK
NIPP
NONE
NR
NANCY
NEGROPONTE
NRR
NERG
NSSP
NSG
NSFO
NE
NATSIOS
NFSO
NATIONAL
NTDB
NT
NCD
NTSB
NRC
NELSON
NAM
NH
NPG
NEC
NSC
NFATC
NMFS
NATOIRAQ
NAR
NZUS
NARC
NCCC
NA
NC
NEW
NRG
NUIN
NOVO
NATOPREL
NEY
NV
NICHOLAS
NPA
NW
NARCOTICS
NORAD
NOAA
NON
NTTC
NKNNP
NMNUC
NUMBERING
ODIP
OIIP
OPRC
OSCE
OREP
OTRA
OPET
OSCI
OVIP
OECD
OCII
OUALI
OPDC
OEXC
OFPD
OPIC
OFDP
OPCW
OECV
OAS
OM
OMIG
ODAG
OPREP
ORA
OIC
OEXCSCULKPAO
OIG
OASS
OFFICIALS
ORTA
OSAC
OIL
OIE
OEXP
OPEC
OPDAT
OMS
OES
OHI
OMAR
OCRA
OFSO
OCBD
OSTA
OAO
ONA
OTP
ORC
OAU
OXEC
OA
ODPC
OPDP
OVIPPRELUNGANU
OASC
OSHA
OPCD
OTR
OPPI
OPCR
OF
OFDPQIS
OSIC
OHUM
OSTRA
OASCC
OBSP
OFDA
OPICEAGR
OIM
OGAC
OTA
OTRAORP
OPPC
OESC
OCEA
OVP
ON
OPAD
OTAR
OCS
ODC
OTRD
OCED
OSD
ORUE
OREG
PHUM
PINR
PTER
PGOV
PREL
PREF
PL
PM
PHSA
PE
PARM
PINS
PK
PUNE
PO
PALESTINIAN
PU
PBTS
PROP
PTBS
POL
POLI
PA
PGOVZI
POLMIL
POLITICAL
PARTIES
POLM
PD
POLITICS
POLICY
PAS
PMIL
PINT
PNAT
PV
PKO
PPOL
PERSONS
PING
PBIO
PH
PETR
PARMS
PRES
PCON
PETERS
PRELBR
PT
PLAB
PP
PAK
PDEM
PKPA
PSOCI
PF
PLO
PTERM
PJUS
PSOE
PELOSI
PROPERTY
PGOVPREL
PARP
PRL
PNIR
PHUMKPAL
PG
PREZ
PGIC
PBOV
PAO
PKK
PROV
PHSAK
PHUMPREL
PROTECTION
PGOVBL
PSI
PRELPK
PGOVENRG
PUM
PRELKPKO
PATTY
PSOC
PRIVATIZATION
PRELSP
PGOVEAIDUKNOSWGMHUCANLLHFRSPITNZ
PMIG
PREC
PAIGH
PROG
PSHA
PARK
PETER
POG
PHUS
PPREL
PS
PTERPREL
PRELPGOV
POV
PKPO
PGOVECON
POUS
PGOVPRELPHUMPREFSMIGELABEAIDKCRMKWMN
PWBG
PMAR
PREM
PAR
PNR
PRELPGOVEAIDECONEINVBEXPSCULOIIPBTIO
PARMIR
PGOVGM
PHUH
PARTM
PN
PRE
PTE
PY
POLUN
PPEL
PDOV
PGOVSOCI
PIRF
PGOVPM
PBST
PRELEVU
PGOR
PBTSRU
PRM
PRELKPAOIZ
PGVO
PERL
PGOC
PAGR
PMIN
PHUMR
PVIP
PPD
PGV
PRAM
PINL
PKPAL
PTERE
PGOF
PINO
PHAS
PODC
PRHUM
PHUMA
PREO
PPA
PEPFAR
PGO
PRGOV
PAC
PRESL
PORG
PKFK
PEPR
PRELP
PREFA
PNG
PGOVPHUMKPAO
PRELECON
PINOCHET
PFOR
PGOVLO
PHUMBA
PRELC
PREK
PHUME
PHJM
POLINT
PGOVPZ
PGOVKCRM
PGOVE
PHALANAGE
PARTY
PECON
PEACE
PROCESS
PLN
PRELSW
PAHO
PEDRO
PRELA
PASS
PPAO
PGPV
PNUM
PCUL
PGGV
PSA
PGOVSMIGKCRMKWMNPHUMCVISKFRDCA
PGIV
PRFE
POGOV
PEL
PBT
PAMQ
PINF
PSEPC
POSTS
PHUMPGOV
PVOV
PHSAPREL
PROLIFERATION
PENA
PRELTBIOBA
PIN
PRELL
PGOVPTER
PHAM
PHYTRP
PTEL
PTERPGOV
PHARM
PROTESTS
PRELAF
PKBL
PRELKPAO
PKNP
PARMP
PHUML
PFOV
PERM
PUOS
PRELGOV
PHUMPTER
PARAGRAPH
PERURENA
PBTSEWWT
PCI
PETROL
PINSO
PINSCE
PQL
PEREZ
PBS
RS
REFUGEES
RW
RP
RELFREE
RO
REGIONAL
RIGHTS
REACTION
REPORT
RU
RENAMO
RIGHTSPOLMIL
REFORM
RM
REFUGEE
REL
RELATIONS
ROW
RREL
REGION
RATIFICATION
RBI
RICE
ROOD
RODENAS
RUIZ
RODHAM
ROBERT
RGY
ROY
REUBEN
RELIGIOUS
RUEHZO
RODRIGUEZ
RUEUN
RELAM
RSP
RF
RSO
RCMP
REO
ROSS
RPTS
RENE
REID
RUPREL
RMA
RI
REMON
RPEL
RFE
RFIN
RA
RAFAEL
RAY
RUS
RPREL
ROBERTG
RECIN
RAMONTEIJELO
SNAR
SP
SN
SMIG
SL
SOCI
SU
SG
SF
SENV
SZ
SOE
SCUL
SY
SO
SR
SYR
SE
SA
SW
SIPDIS
SCIENCE
SADC
SI
SCI
SOCIETY
SC
SAARC
STR
SECRETARY
SANC
SSH
ST
SNA
SGWI
SEP
SOCIS
SETTLEMENTS
SPECIALIST
SK
SHUM
START
STET
SCVL
SREF
SCHUL
SCUIL
SYRIA
SECURITY
SPCE
SYAI
SMIL
SOWGC
STEPHEN
SNRV
SKCA
SENSITIVE
SECI
SNAP
SPP
SCUD
SOM
SPECI
SMIGBG
SENC
SCRM
SGNV
SECTOR
SENVEAGREAIDTBIOECONSOCIXR
SENVSXE
SASIAIN
SACU
SENVSPL
SWMN
STEINBERG
SOPN
SOCR
SCOI
SCRS
SILVASANDE
SWE
SARS
SNARIZ
SUDAN
SENVQGR
SM
SNARKTFN
SAAD
SD
SAN
SIPRNET
STATE
SENS
SUBJECT
SFNV
SECSTATE
SSA
SPCVIS
SOI
SOFA
SCULKPAOECONTU
SPTER
SKSAF
SENVKGHG
SHI
SEVN
SANR
SPSTATE
SMITH
SCOM
SH
SNARCS
SNARN
SIPRS
SNARM
SIPDI
SCPR
SNIG
SELAB
SULLIVAN
SENVENV
SECDEF
SOLIC
SOIC
SPAS
SASC
SOSI
SEC
SEN
SENVCASCEAIDID
TU
TH
TW
TSPA
TRGY
TPHY
TBIO
TIFA
TS
TZ
TX
TSPL
TT
TK
TC
TINT
TERFIN
TERRORISM
TIP
TURKEY
TI
TECHNOLOGY
TNGD
TRSY
TRAFFICKING
TOPEC
TPSL
TP
TD
TR
TA
TIO
TREATY
TO
THPY
TECH
TRADE
TPSA
TG
TAGS
TF
TRAD
THKSJA
TVBIO
TNDG
TN
TBIOZK
TWI
TV
TWL
TRT
TWRO
TSRY
TTPGOV
TAUSCHER
TRBY
TRBIO
TL
TPKO
TIA
TGRY
TSPAM
TREL
TNAR
TBI
TFIN
TPHYPA
TWCH
THOMMA
THOMAS
TERROR
TRY
TBID
TPP
TE
THANH
TJ
TBKIO
UNGA
USUN
UN
UG
UNSC
UK
UP
US
UNCTAD
UNVIE
UNHRC
USTR
UNAMA
UNCRIME
UNESCO
UV
UNDP
UNHCR
UNCSD
UNCHR
UZ
USAID
UNEP
UNO
UNPUOS
UY
UNDC
UNCITRAL
UNAUS
UNCND
UA
UNMIK
USTDA
USEU
USDA
UNICEF
UR
UNFICYP
USNC
USTRRP
UNODC
UNRWA
UNOMIG
USTRPS
USAU
USCC
UNEF
UNGAPL
UNFPA
UNSCE
USSC
UGA
UEU
UNMIC
UNTAC
UNION
UNCLASSIFIED
USPS
UNA
UMIK
USOAS
UNMOVIC
UNFA
UNAIDS
UNCHC
USGS
UNSE
UNRCR
UNTERR
USG
UE
UAE
UNWRA
UNCSW
UNSCR
UNCHS
UNDESCO
UNPAR
UNC
UB
UNSCS
UKXG
UNGACG
UNREST
UNHR
USPTO
UNFCYP
USCG
UNIDROIT
UNSCD
UPU
UNBRO
UNECE
USTRUWR
UNCC
UNESCOSCULPRELPHUMKPALCUIRXFVEKV
VM
VE
VT
VETTING
VN
VZ
VIS
VC
VTPREL
VIP
VTEAID
VTEG
VOA
VA
VTIZ
VANG
VISIT
VO
VENZ
VAT
VI
VEPREL
VEN
WFP
WTO
WHO
WTRO
WBG
WMO
WIPO
WA
WI
WSIS
WHA
WCL
WE
WMN
WEBZ
WS
WAR
WZ
WMD
WW
WILLIAM
WEET
WAEMU
WM
WWBG
WWT
WWARD
WITH
WMDT
WTRQ
WCO
WEU
WALTER
WRTO
WB
WHTI
WBEG
WCI
WEF
WAKI
WHOA
WGC
Browse by classification
Community resources
courage is contagious
Viewing cable 07TALLINN375, ESTONIA'S CYBER ATTACKS: LESSONS LEARNED
If you are new to these pages, please read an introduction on the structure of a cable as well as how to discuss them with others. See also the FAQs
Understanding cables
Every cable message consists of three parts:
- The top box shows each cables unique reference number, when and by whom it originally was sent, and what its initial classification was.
- The middle box contains the header information that is associated with the cable. It includes information about the receiver(s) as well as a general subject.
- The bottom box presents the body of the cable. The opening can contain a more specific subject, references to other cables (browse by origin to find them) or additional comment. This is followed by the main contents of the cable: a summary, a collection of specific topics and a comment section.
Discussing cables
If you find meaningful or important information in a cable, please link directly to its unique reference number. Linking to a specific paragraph in the body of a cable is also possible by copying the appropriate link (to be found at theparagraph symbol). Please mark messages for social networking services like Twitter with the hash tags #cablegate and a hash containing the reference ID e.g. #07TALLINN375.
| Reference ID | Created | Released | Classification | Origin |
|---|---|---|---|---|
| 07TALLINN375 | 2007-06-06 14:24 | 2010-12-06 21:30 | SECRET | Embassy Tallinn |
VZCZCXRO7255
OO RUEHDBU RUEHFL RUEHKW RUEHLA RUEHROV
DE RUEHTL #0375/01 1571424
ZNY SSSSS ZZH
O 061424Z JUN 07
FM AMEMBASSY TALLINN
TO RUEHC/SECSTATE WASHDC IMMEDIATE 9902
INFO RUEHZL/EUROPEAN POLITICAL COLLECTIVE IMMEDIATE
RUEHMO/AMEMBASSY MOSCOW IMMEDIATE 2522
RUEATRS/DEPT OF TREASURY WASHDC IMMEDIATE
RHEFDIA/DIA WASHDC IMMEDIATE
RUCNFB/FBI WASHDC IMMEDIATE
RHMFISS/DEPT OF HOMELAND SECURITY WASHINGTON DC IMMEDIATE
RHMFISS/HQ USEUCOM VAIHINGEN GE IMMEDIATE
RUEKJCS/JOINT STAFF WASHDC IMMEDIATE
RHEHNSC/NSC WASHDC IMMEDIATE
RUEKJCS/SECDEF WASHDC IMMEDIATE
RUEHBS/USEU BRUSSELS IMMEDIATE
RUEHNO/USMISSION USNATO IMMEDIATE 1204
RHEHAAA/WHITE HOUSE WASHDC IMMEDIATE
S E C R E T SECTION 01 OF 04 TALLINN 000375
SIPDIS
DEPT FOR EUR/NB
E.O. 12958: DECL: 06/06/2017
TAGS: PREL PGOV ECON ETRD NATO RS EN
SUBJECT: ESTONIA'S CYBER ATTACKS: LESSONS LEARNED
REF: A) TALLINN 366 B) LEE-GOLDSTEIN EMAIL 05/11/07
B) TALLINN 347
Classified By: Charge d'Affaires Jeff Goldstein for reasons 1.4 (b) & (
d)
¶1. (S) Summary. On April 27, Estonia became the
unprecedented victim of the world's first cyber attacks
against a nation state. Although an analysis of events is
ongoing, this event demonstrated the vulnerability of both
government and private sector internet infrastructure.
Working together with Estonian cyber security experts, the
Ministry of Defense (MOD) is preparing a report analyzing
the crisis, evaluating the strengths and weaknesses of the
Estonian response, and recommend changes to Estonia's cyber
defenses and security. The GOE and Estonian cyber defense
experts all agree that while they successfully responded to
these attacks, they will need to improve Estonia's defenses
to prevent what they described as the nightmare scenario: a
shutdown of Estonia's internet infrastructure as a result
of more serious attacks at some point in the future. End
Summary.
The Nature of the Attacks
-------------------------
¶2. (SBU) Starting on April 27, Estonia became the world's
first victim of cyber attacks against a nation state's
political and economic infrastructure. For over a month,
government, banking, media, and other Estonian websites,
servers, and routers came under a barrage of ever-shifting
and coordinated cyber attacks that tried to shut down
specific strategic targets (Ref A). Unlike traditional
cyber attacks which try to "hack" into a system, the
attacks against Estonian sites used the basic architecture
of the internet to disrupt their operation. At Post's
request XXXXXXXXXXXX visited Tallinn to assess the
situationApril 16-18. XXXXXXXXXXXX opined that it is
not technically feasible to prevent attacks of this nature,
no matter how sophisticated a country's cyber-defenses are.
However, due to Estonia's rapid response, the attacks did
not seriously threaten Estonia's cyber network and infrastructure.
¶3. (C) The cyber attacks exposed the strengths and
weaknesses of Estonia's cyber defense system. XXXXXXXXXXXX
told us that the Ministry of Defense is preparing a report to
submit to the GOE by the end of June. Based on our discussions
with GOE, CERT, and private Estonian cyber security experts,
it is clear that the Estonians are working furiously to analyze
where their cyber defenses and protocols worked, failed, and/or
need improvement. Although these cyber attacks were
unprecedented in nature, our Estonian interlocutors all
agreed that the outcome could have been much worse. They
also note that the MOD's report notwithstanding, the impact
on cyber defense policy for both the public and private
sectors will be discussed and felt for a very long time.
The following is a summary of GOE "lessons learned" from
these attacks.
Lessons Learned: What Worked
----------------------------
¶4. (SBU) STRENGTH IN BEING SMALL. With a population of 1.3
million people, Estonia's small size was its strongest
asset in reacting rapidly to the cyber attacks. Estonia's
CERT, the GOE's Cyber Defense Unit, and private IT Security
Managers all knew each other for years before the crisis
and were, thus, able to work closely together. Information
sharing and decision making were rapid and flexible.
Everything was handled - from the working level to the
leadership - in an almost seamless fashion throughout the
attacks. "We're talking about a group of ten key people in
the government and private sector who've known each other
for years, trust one another, and all have direct access to
TALLINN 00000375 002 OF 004
each other" XXXXXXXXXXXX, commented to us.
"Therefore, there was no inter-agency bureaucracy or
red tape to cut through."
¶5. (C) E-VOTING. In March 2007, Estonia held the world's
first national election where e-voting was used. From the
outset of the crisis, the e-voting security team was
immediately seconded to CERT and became a vital asset in
responding to the attacks. Although Estonia's CERT has
only two full time staff, XXXXXXXXXXXX said he was able
to call upon a roster of 200 programmers and security
experts from the e-voting security team to ensure a 24/7 response
mechanism against incoming cyber attacks. As the e-voting
team was already at work on next generation security
measures (in anticipation for Estonia's 2009 local
elections), there was no need for them to "catch up"
according to XXXXXXXXXXXX. These experts were invaluable
in addressing the wide variety of attacks (e.g., bots, spam,
DDoS, Trojan Horses, etc.).
¶6. (C) INFORMATION GATHERING. Our MOD interlocutors credit
Estonian law enforcement and cyber security experts'
(public and private) close monitoring of Russian-language
internet forums as key to CERT's ability to rapidly respond
to the attacks. On April 28, less than 24 hours after the
first cyber attacks, Russian-language internet forums
(e.g., http://2ch.ru and http://forum.xaker.ru) were
exhorting people to attack specific GOE websites and
offering links to software tools. Patient monitoring of
these internet-forums led to intelligence on targets,
dates, and exact times for coordinated attacks.
XXXXXXXXXXXX told us privately that without this
information, the cyber attacks against GOE sites could hav
inflicted far more damage than they did.
¶7. (C) SECURE ONLINE BANKING. Hansabank and SEB
successfully weathered the cyber attacks against them
because of defensive measures and procedures already in
place. According to CERT, the banks' procedures are in
many ways superior to the GOE's. XXXXXXXXXXXX
said that due to the longstanding problem of cyber crime
in the region - often with banks as prime targets - the banks
were well prepared for the attacks. For example,
XXXXXXXXXXXX told us, organized gangs have
employed bot attacks in the past. As a result, Hansabank
had the necessary cyber security measures in place to defend
against this type of attack.
In the end, Hansabank-s sites successfully repelled every
attack and were able to provide their Estonian customers
access to their online accounts. (Note. Almost 90% of all
financial transactions (e.g., bill payments) are done
online. Hansabank and SEB alone handle over three-fourths
of that traffic. End Note.)
Lessons Learned: What Failed
----------------------------
¶8. (S) FORMAL PROCEDURES. XXXXXXXXXXXX told us
he believes that Estonia-s formal and institutional procedures
for responding to cyber attacks failed completely.
Throughout the crisis, ad hoc meetings and decision making
based on established informal contacts and relationships
were used to disseminate information - instead of
formalized institutional channels with clear communication
chains. Additionally, XXXXXXXXXXXX told us that the GOE
did not keep an official record or log of decisions and actions
taken during the crisis. Consequently, it is uncertain how
thorough the GOE's post-crisis assessment or efforts to
improve Estonia's formal cyber defense procedures will be.
XXXXXXXXXXXX explained that neither CERT nor the GOE
had the personnel to "put out the fire and also act as a secretary
to take down the minutes." (Note: XXXXXXXXXXXX claims
of staff shortages are somewhat questionable given that he
told us that neither he nor any of his staff had to work
over-time during the cyber attacks. End Note.)
¶9. (S) LACK OF CENTRALIZED GOE POLICY. MOD interlocutors
admitted that there was no consistent GOE policy across
TALLINN 00000375 003 OF 004
ministries on cyber security, broadband capacity, and
information sharing. For example, some ministries use
static websites while others use more vulnerable dynamic
websites. Ministries also use different internet providers
which have different security procedures in place. This
unnecessary complexity made initial information sharing
between ministries more cumbersome and confusing,
especially for ministries with fewer resources for IT risk
management (e.g., the Ministry of Population, Ministry of
Education, Ministry of Culture, etc.). XXXXXXXXXXXX,
told us that creating a consistent policy for the various ministries
will be a key recommendation in the MOD's report.
¶10. (S) MONITORING. The cyber attacks also exposed
Estonia's total lack of a comprehensive monitoring system.
Estonia does not have a national IP (internet protocol)
network of sensors to precisely monitor traffic for cyber
attacks. As a result, the GOE and CERT did not have any
hard data on the number of computers and/or servers that
were used in the attacks. XXXXXXXXXXXX, Estonia's main telecommunication and IT provider, told us that his company
relies on U.S.-based Arbor Networks to monitor its network.
Our MOD and private sector interlocutors all agreed on how
important it was for Estonia to have its own monitoring network,
but they could not confirm on the likelihood that the GOE
would invest in this infrastructure upgrade.
¶11. (S) WHACK-A-MOLE. In the initial stages of the cyber
attacks, the Estonian method of response was to block each
and every attack through its corresponding ISP address as
it happened. XXXXXXXXXXXX dubbed this the "whack-a-
mole" response and opined that prior to April 27 this
approach might have been sufficient. However, the sheer
volume of the recent cyber attacks quickly overwhelmed the
Estonian defenses. CERT, Elion, and the GOE's Cyber Defense
Unit were eventually forced to apply broader and more
stringent filtering mechanisms on all internet traffic to
prevent the attacks from entering Estonia. XXXXXXXXXXXX
observed that unlike the United States and many European
Union members who routinely filter foreign internet
traffic, prior to the recent attacks, the Estonian network
filtered very little foreign traffic.
¶12. (S) INDUSTRY VULNERABILITY. While Hansabank and SEB
successfully weathered the cyber attacks, many other
smaller private Estonian sites that were attacked were
overwhelmed. With no industry standard or best practice in
place in Estonia, many smaller businesses and/or private
organizations (e.g., schools, NGOs, etc.) did not have the
technical expertise or financial means to ramp up their
broadband capacity. XXXXXXXXXXXX claimed that CERT's
log of complaints and reported cyber attacks since April 27 is
over 10 Tb (Tera bits). (Note. One TB is equal to one
million Mega bits. To put this in perspective, the entire
content of the online U.S. Library of Congress uses less
than 10 TB. End Note.) As the majority of Estonian (SME)
small and medium size enterprises employ online services as
part of their daily business, the GOE is now aware that an
industry standard with readily available cyber defensive
software, tools, training, and public awareness-raising
must become a part of Estonia's cyber defenses.
Lessons Learned: Nightmare Scenarios
------------------------------------
¶13. (S) TARGETING KEY ROUTERS AND SITES. Our Estonian
interlocutors all agreed that even during the attacks'
peak, Estonia's cyber network was not in any serious danger
of being shut down. In some ways, Estonia was lucky. Rein
Ottis, MOD Cyber Defense Chief, noted that had the attacks
specifically targeted Estonia's key servers and routers,
they could have shut down Estonia's entire cyber
infrastructure. On May 4, two routers belonging to the GOE
and Elion were attacked with an unknown data packet that
crashed the routers almost immediately. XXXXXXXXXXXX
told us that if enough key routers and/or servers were shut down,
it would be the internet "equivalent of blowing up key roads and
TALLINN 00000375 004 OF 004
intersections in the city Tallinn to bring all traffic to a halt."
¶14. (S) UNANNOUNCED AND BETTER TIMED ATTACKS. Most of the
cyber attacks were discussed in advance on Russian-language
internet forums, giving the Estonians the opportunity to
ramp up broadband capacity in advance. XXXXXXXXXXXX
told us that the perpetrators gave away the element of surprise
and often timed their attacks in the evening (when Estonia's
internet usage is at its lowest). Had they not made these
mistakes, XXXXXXXXXXXX opined that the attacks could
have shut down their GOE targets for up to a week.
XXXXXXXXXXXX was thankful that they had advance
information about th May 15 attacks against Hansabank and
SEB. However, many of the attacks which employed bots
were unannounced and far more challenging, and in some
cases did crash their targets. If all attacks had been like this,
XXXXXXXXXXXX and XXXXXXXXXXXX could not
confidently predict whether Estonia's defenses would
have held.
¶15. (S) 2ND TIER STRATEGIC ATTACKS. Estonia's banks were
generally well prepared for cyber attacks. However, the
economic impact could have been worse if the attacks had
focused on 2nd tier strategic targets which possessed less
formidable defenses (Ref B). XXXXXXXXXXXX speculated
the fallout would have been far more significant if Estonia's
logistic-transport companies had been attacked. "As over
three-fourths of all grocery stores, petrol stations, and
shops rely on the internet for their orders and
deliveries," asked XXXXXXXXXXXX, "can you imagine the
damage this would bring? Cyber crime seems abstract to most
people. There's nothing abstract about empty shelves in
stores." XXXXXXXXXXXX also listed a whole range of
other strategic services and businesses that would have been far
easier to crash than the banks. The MOD felt that
XXXXXXXXXXXX descriptions were far fetched, bordering
on "science fiction." However, when we mentioned
XXXXXXXXXXXX's comments to XXXXXXXXXXXX
he felt that recent events have changed the parameters
of the debate on possible threat scenarios. He said,
"Last year, I would've considered a cyber war against my
country as science fiction, too - but not anymore."
GOLDSTEIN