It is no longer a fantasy scenario, experts at the RSA conference told delegates. In April 2007 the small European country of Estonia was subjected by unknown Russian groups to what is commonly cited in the security community as the world's "First Cyber War."
Although no government was explicitly involved, the Estonian view is that the country was punished by Russian hard-liners for relocating a Soviet-era war memorial in Tallinn, the capital, plus other acts considered disrespectful to Estonia's Russian-dominated history before the Soviet Union collapsed in 1991.
In Internet assaults lasting more than three weeks, Estonia's digital infrastructure was brought to its knees, requiring an emergency mobilization of the country's computer expertise and outside assistance.
The digital attack knocked out the Estonian legislature's e-mail system, put banks out of action, forced major Estonian media to shut down Web sites and generally spread chaos across the economy.
Just as Russian gas supply interruptions awakened Europe to its energy dependence, the cyberwar on Estonia alarmed cybersecurity professionals and government officials on both sides of the Atlantic.
"It is pure nonsense to attempt to handle cyberscecurity only at a national level but information sharing across borders is still not as good as it needs to be," said Patrick Pailloux, general director of the French Network Information Security Agency, at the RSA conference.
Phil Reitinger of the U.S. Department of Homeland Security said any domestic cybersecurity plans must include an international component to be effective.
When he was named by U.S. President Barack Obama to the position of cybersecurity coordinator, Howard Schmidt said that one of his priorities would be to strengthen international partnerships.
The focus on international cooperation has also been part of the national cybersecurity review ordered by Obama in February. Christopher Painter, special adviser to the president for cybersecurity, said, "The review itself was not done in isolation but in collaboration with Canada, France, Australia and others." Analysts said the collaboration needs to be widened.
Deborah Anton, assistant secretary for e-security policy and co-ordination in the Australian Attorney General's Department, said that governments need to share best practices for cybersecurity so that nations can learn from one another, Jim Garrettson wrote for TheNewNewInternet.com Web site.
Kertu Ruus, a Washington journalist for the Estonian daily Aripaev, the largest business publication in Estonia, said in an article for The European Institute online journal, "The cyberwar against Estonia offers an unsettling glimpse of the potential chaos and devastation that could befall nations whose leaders fail to anticipate and prepare for the cyberattacks of the future. Incidentally, too, the events offer a sobering reminder of the strong-arm methods that seem to enjoy increasing sway in Russia."
Ruus added, "The most profound consequence of Cyberwar I, however, may well be that the attackers, perhaps inadvertently, launched an awareness-raising campaign in the West, delivering a wake-up call to individual governments and international organizations alike about the vulnerabilities of their vital civilian electronic infrastructure."
The Obama administration last year conducted a monthlong cybersecurity awareness campaign throughout the United States amid mounting attacks on public and corporate digital infrastructures and Web sites.