Legislation allows to open a bank account remotely

Parliament yesterday 88 votes in favor and no votes against adopted the amendments to the law that will give residents and e-residents of Estonia the opportunity to open a bank account without visiting bank office. It will be possible to open a bank account, for example, interacting with a representative of bank through a video call. Identification of a person is still a need for identity document in the home country, but the opening of an account becomes much more comfortable this way.

Some limits will be applied for this mode of authentication. Individual persons each month will be able to transfer money in the amount of up to EUR 10 000, but legal persons up to EUR 25 000.

Links:
http://geenius.ee/uudis/riigikogu-vottis-vastu-seaduse-mis-lubab-pangakontot-avada-ilma-kontorisse-minemata
https://www.siseministeerium.ee/en/news/draft-legislation-allows-open-bank-account-without-going-bank-branch

Court decision on alleged SMIT account blocker

Tor-Anonymity-Tor-path

We wrote about the case before. Here is a summary of court’s decision:

According to the first-level Harju County Court decision, Mart Pirita (45) was pleaded guilty for disrupting the remote services of Ministry of the Interior (SM). According to the verdict, he used anonymous Tor network to enter multiple wrong passwords for 14 users, thereby blocking their access to the infrastructure.

The actions were qualified according to Penal Code paragraph 207 part 1 for “Illegal interference with or hindering of the functioning of computer systems by way of uploading, transmitting, deleting, damaging, altering or blocking of data”.

Pirita’s attorney Raul Ainla challenged the qualification of the alleged crime. In county court’s opinion, the qualification was correct, since Mart Pirita entered without lawful permission wrong passwords for 14 user accounts, by which their accounts were disabled, interfering the functioning of the computer system for SM employees.

The first-level court’s decision was appealed and District Court of Tallinn made a decision, that it was not possible to certainly establish a connection between Mart Pirita and the attacks.

In the initial verdict, it was claimed that the attack was performed through three IP addresses which are known to be Tor exit nodes. Furthermore, it was established that Pirita downloaded Tor software from Debian repository (ftp.ee.debian.org). In addition, according to Pirita’s ISP Elion metadata logs, Pirita was connected to the Tor network approximately at the time of the attacks.

District court judged that the county court has incorrectly evaluated the evidence presented. Namely, the IP addresses, where the attacks were performed from, belong to the Tor exit nodes and thus the attacks were performed through Tor network. However, the county court did not consider the technology of the Tor network. Every connection through Tor network is established via random paths and are encrypted, thus it is impossible to know who is the initial source of the communication and what are the messages. Thus, even though Pirita connected to the Tor network, it is impossible to link him to the attacks from the exit nodes.

Additionally, the prosecuror Piret Paukštys claimed that, since on the Pirita’s hard drive was found file “cached-microdesc-consensus” which included the IP addresses of Tor exit nodes participating in the attack, it proves the connection between Pirita and the exit nodes. However, this claim was found to be false, since the file is a catalog of all public Tor nodes and is included in every Tor installation. Thus, every Tor user possibly could be behind the attack.

According to prosecutor, another evidence pointing to Pirita was that Pirita had Debian Linux installed in his virtual machine and attacker’s user agent “Mozilla/5.0 (Linux; U; Debian Linux; en-US; rv: 1.8.1.12) Gecko/20080201 Firefox/2.0.0.12” presented to the court has Debian Linux operating system in it.

However, Tiit Hallas, the head of information security of SMIT could not provide to the court any log file which backed the claim of this user agent being present. The claimant couldn’t even describe from which log file this user agent was given from and why the logs weren’t presented as evidence.

Finally, the court found that there is a clear discrepancy between the times in the log files provided as evidence. Firstly, according to ftp.ee.debian.org logs, Pirita downloaded Tor software on 17.08.2014 at 00:57. However, the attacks started on 17.08.2014 at 00:14. Elion’s metadata logs show that Pirita connected Tor network after attacks started. Furthermore, an independent expert from Estonian Forensic Science Institute (EKEI) Oliver Olt stated that there are no connections between Elion’s metadata logs and attacks in claimant’s logs. The expert added that he couldn’t explain how the attack could be performed which would correspond to the logs. Thus, by his opinion, the logs rather contradicted the prosecutor’s claim.

It was said that Pirita had motive to perform the attacks as he was fired from SMIT due to loss of trust. However, the management of SMIT acknowledged that he was not the only one to be fired for this reason. There were up to ten people who could have the motive to perform the attacks. Furthermore, the fact that the attacker knew correct access point is not sufficient to claim that it was performed by current or previous employee of SMIT.

Concluding these aspects, the district court decided that the indirect proof was not sufficient to claim the guilt of Pirita with high probability. According to previous National Court decision, if it is possible that there was anyone else who could have performed the attack, then the accused should not be convicted.

The district court reviewed the previous decision and acquitted Pirita. Additionally, he was compensated for the legal fees in the amount of 7500€. The fee for IT expertise was covered by the government. The disk copy of Pirita’s hard disk is to be destroyed to assure the privacy of Pirita.

The prosecutor did not appeal the district court’s decision.

Links:
https://www.riigiteataja.ee/kohtulahendid/detailid.html?id=180104716
http://www.delfi.ee/news/paevauudised/krimi/pevkuri-ja-vaheri-meilikontode-lukustamise-parast-kohtu-all-olnud-mart-pirita-oigeks-moistmine-on-nuud-loplik?id=74558039
http://www.postimees.ee/3149415/it-spetsialist-jai-ministeeriumi-arvutikontode-blokeerimises-suudi

Study on the lifecycle of cryptographic algorithms 2016

cybernetica_ria_crypto_algorithms_report

This study is a natural continuation of three previous studies conducted in 2011, 2013 and 2015. The fourth version of cryptographic algorithms life cycle study published on June 9, has more than 10 authors and has 163 reference source. The 2016 report is the first one in its sequence to be written in English, because the study is unique on a global scale, and the previous versions has been of great international interest.

The foreword of the report has been written by Anto Veldre:

The Dutch DigiNotar case in 2011 demonstrated the hard choices a country faces if a PKI supporting its government’s IT systems is compromised. [..] Therefore, it was decided in 2011 to assemble a scientific task force to analyse the problems and risks that reliance on cryptography is posing on the sustainable functioning of our society.

Among the usual topics in cryptography, there is quite revealing section “Cryptographic protocols over radio connection”. For example, there the authors find that Estonian public transportation cards are vulnerable to various kinds of Denial of Service and cloning attacks:

The transportation cards in Tallinn are built on MIFARE Classic, whereas in Tartu MIFARE Ultralight C cards are used. However, even though both of the cards support cryptographic authentication, this functionality is not used. In both cases, the protocol running between the card and the reader is essentially the same, consisting of transmitting the card’s unique ID and a signature. [..] While this measure prevents unauthorised parties from issuing new cards, it does not stop the card cloning attack. [..] Cloning a card that carries a monthly ticket causes direct financial loss to the transportation service provider and must hence be urgently addressed.

Even though the ID fields of transportation cards are not writeable, other fields may be. This is for example the case with Tartu bus cards that allow e.g. the signature field to be overwritten by a standard app working on a regular NFC-capable smartphone. As a result, the card will become invalid, giving us a potential Denial of Service attack.

The report analyzes different radio frequency card technologies used for physical access control.  There are many problems – transparency issues, use of weak cryptography or no cryptography at all. The authors have also interviewed Hardmeier and G4S to study deployment issues. Some of the deployment issues revealed are quite disturbing:

Interview with a company installing NFC-based access control systems revealed that it is common practice to use same keys also in several installations, making e.g. door keys of one company work at the door of another company, too.

Links:
https://www.ria.ee/public/RIA/Cryptographic_Algorithms_Lifecycle_Report_2016.pdf
https://www.ria.ee/ee/eriik-2018-valmis-2016-aasta-kruptograafiliste-algoritmide-elutsukli-uuring.html
https://blog.ria.ee/ria-aastakonverentsi-i-sessiooni-otseblogi/

Cyber Security master’s theses defense in Tallinn University of Technology (June 2016)

logo_tut

Monday, June 6th 2016, Akadeemia Tee 15a, Room ICT-315.

Defense committee: Rain Ottis (chairman), Hayretdin Bahsi, Ahto Buldas, Andro Kull, Risto Vaarandi, Raimundas Matulevicius.
The grades received (in random order): 4,4,4,3,3,3,3,3,2,1,0.

Time: 09:00
Student: Ferenc Szalai
Title: Does Cyber Security Exercise Information Sharing Work?
Supervisor: Olaf Manuel Maennel
Reviewer: Lauri Palkmets

Time: 09:40
Student: Taavi Sonets
Title: Improving User Simulation Team Workflow in the Context of Cyber Defense Exercise
Supervisor: Elar Lang, Rain Ottis
Reviewer: Priit Raspel

Time: 10:20
Student: Karl Kristjan Raik
Title: Improving Web Attack Campaign Overview in Cyber Defense Exercises
Supervisor: Elar Lang, Rain Ottis
Reviewer: Jaan Priisalu

Break 11:00 – 11:10

Time: 11:10
Student: Eve N Hunter
Title: A Comparative Analysis of Cybersecurity Guidelines and Standards for Nuclear Power Plants
Supervisor: Rain Ottis, Harry Kantola
Reviewer: Sten Mäses

Time: 11:40
Student: Alvar Ristikivi
Title: Failover test measurements of load balanced infrastructure
Supervisor: Toomas Lepik
Reviewer: Risto Vaarandi

Break 12:20 – 13:00

Time: 13:00
Student: Kristo Kapten
Title: Threat Modeling framework for Home Gaming Consoles
Supervisor: Hayretdin Bahsi
Reviewer: Emin Caliskan

Time: 13:40
Student: Sho Yano
Title: Security Analysis on Healthcare IoT Project
Supervisor: Olaf Manuel Maennel
Reviewer: Andro Kull

Time: 14:20
Student: Juan Manuel Rodríguez López
Title: Security Risk Assessment To The Use Of Digital Charting In Colombia
Supervisor: Alexander Horst Norta
Reviewer: Olaf Manuel Maennel

Break 15:00 – 15:10

Time: 15:10
Student: Florian Gasteiger
Title: R3AD an architecture to include UAVs in National Airspace
Supervisor: Olaf Manuel Maennel
Reviewer: Toomas Lepik

Time: 15:50
Student: Nisham Kizhakkedathil
Title: A Study Into the Prospects of Implementing End-to-End Verifiability in Estonian I-Voting
Supervisor: Tanel Tammet, Vadims Žuravļovs
Reviewer: Arnis Paršovs

Time: 16:30
Student: Rando Kulla
Title: Migrating PDF signing to New KSI Format
Supervisor: Jaan Priisalu, Ahto Truu
Reviewer: Ahto Buldas

Tuesday, June 7th 2016, Akadeemia Tee 15a, Room ICT-315.

The grades received (in random order): 5,5,4,0,?,?,?,?,?,?,?

Time: 09:00
Student: Teet Laeks
Title: Raising the Awareness of Cyber Security Based on Estonian Defence Forces
Supervisor: Tiia Sõmer, Danel Apse
Reviewer: Andri Rebane

Time: 09:40
Student: Andres Sumin
Title: Evaluation method for cyber awareness course
Supervisor: Sten Mäses, Liina Randmann
Reviewer: Sten Mäses

Time: 10:20
Student: Kevin Lwakatare
Title: Contributions of Understanding and Defending Against Social Engineering Attacks
Supervisor: Anton Vedeshin
Reviewer: Alexander Horst Norta

Break 11:00 – 11:10

Time: 11:10
Student: Alexandria Elaine Farár
Title: A Deceptive Methodology Towards Early Detection of Advanced Cyber Threats
Supervisor: Hayretdin Bahsi, Bernhards Blumbergs
Reviewer: Risto Vaarandi

Time: 11:40
Student: Onur Aydin Korkmaz
Title: Comprehensive Analysis of Cyber Attacks and Malware Using Low- and High-Interaction Honeypot
Supervisor: Truls Ringkjob
Reviewer: Mauno Pihelgas

Break 12:20 – 13:00

Time: 13:00
Student: Mina Gerges
Title: Log Monitoring and Event Correlation on Microsoft® Windows™ Using Simple Event Correlator
Supervisor: Risto Vaarandi
Reviewer: Tiit Hallas

Time: 13:40
Student: Chen Zhuge
Title: C-Based Implementation of Logcluster, a Data Clustering and Pattern Mining Algorithm for Event Logs
Supervisor: Risto Vaarandi
Reviewer: Innar Liiv

Time: 14:20
Student: Morteza Fakoorrad
Title: Application Layer of Software Defined Networking: pros and cons in terms of security
Supervisor: Olaf Manuel Maennel
Reviewer: Truls Ringkjob

Break 15:00 – 15:10

Time: 15:10
Student: Zaghum Wahab Awan
Title: A GUI Simulator For WSNs Based Protocols with Energy Harvesting and Proposed Hash Based Mathematical Modelling for the Security
Supervisor: Truls Ringkjob
Reviewer: Hayretdin Bahsi

Time: 15:50
Student: Jaan Vahtre
Title: Detection of ransomware on Windows operating systems
Supervisor: Jaan Priisalu
Reviewer: Toomas Lepik

Time: 16:30
Student: Vjatšeslav Panov
Title: Implementation of a Hash Function for Portable Executable Based on Structural Information
Supervisor: Truls Ringkob
Reviewer: Toomas Lepik

Wednesday, June 8th 2016, Akadeemia Tee 15a, Room ICT-315.

Defense committee: Raimundas Matulevicius (chairman), Hayretdin Bahsi, Rain Ottis, Meelis Roos, Vitaly Skachek.

Time: 09:00
Student: Luis Carlos Herrera Velasquez
Title: A Comprehensive Instrument for Identifying Critical Information Infrastructure Services
Supervisor: Olaf Manuel Maennel
Reviewer: Hayretdin Bahsi

Time: 09:40
Student: Camilo Andres Pantoja Viveros
Title: Analysis of the Cyber Attacks against ADS-B Perspective of Aviation Experts
Abstract: The present paper has a profound literature review of the relation between cyber security, aviation and the vulnerabilities prone by the increasing use of information systems in aviation realm.
Supervisor: Olaf Manuel Maennel, Raimundas Matulevicius
Reviewer: Sten Mäses

Time: 10:20
Student: Santiago Andres Sarmiento Bernal
Title: Detection solution analysis for simplistic spoofing attacks in commercial mini and micro UAVs
Abstract: This work analysis several spoofing detection methods found in the open literature, and selects the ones which can be suitable for mini and micro UAV technical specifications and operational scenario, for proposing a GPS spoofing detection solution developed in the application layer of an open source code Ground Control Station software SDK.
Supervisor: Olaf Manuel Maennel, Raimundas Matulevicius
Reviewer: Juhan-Peep Ernits

Break 11:00 – 11:10

Time: 11:10
Student: Allyson Ivy Hauptman
Title: Designing Digital Forensics Challenges for Multinational Cyber Defense Exercises
Supervisor: Patrycjusz Zdzichowski, Rain Ottis
Reviewer: Toomas Lepik

Time: 11:50
Student: Luis Alejandro Velasquez Hurtado
Title: Colombia and the intelligence cycle in the 21st century, the digital age
Supervisor: Olaf Manuel Maennel
Reviewer: Rain Ottis

Break 12:30 – 13:20

Time: 13:20
Student: Didier Dubey Suarez Medina
Title: Assessment of Web-based Information Security Awareness Courses
Supervisor: Maria Claudia Solarte Vasquez
Reviewer: Rain Ottis

Time: 14:00
Student: Yuri Andrea Pinto Rojas
Title: Development of National Cyber Security Strategies (NCSSs), and an Application of Perspective to the Colombian Case
Supervisor: Maria Claudia Solarte Vasquez
Reviewer: Hayretdin Bahsi

Break 14:40 – 14:50

Time: 14:50
Student: Alex Uriel Duran Santos
Title: Organizational Interaction Mechanisms Affecting Strategic Decision-Making During Cybercrime Investigations
Supervisor: Maria Claudia Solarte Vasquez
Reviewer: Jaan Priisalu

Time: 15:30
Student: Carlos Arturo Martinez Forero
Title: Tabletop Exercise For Cybersecurity Educational Training; Theoretical Grounding And Development
Abstract: The purpose of this thesis is to suggest the improvement of potential and perceived weaknesses on the educational components of cyber security strategies, discussing awareness-training models with significant impact on the participants, focusing on strategic decision-making level personnel that could partake of cyber related incidents.
Supervisor: Maria Claudia Solarte Vasquez, Raimundas Matulevicius
Reviewer: Uko Valtenberg, Tarmo Tuisk

Links:
https://livettu-my.sharepoint.com/personal/elena_vaarmets_ttu_ee/_layouts/15/WopiFrame.aspx?guestaccesstoken=rRFwY2aM1FudPqoucCsEwNvjb2YvdduB4x%2bLFywQvpo%3d&docid=0c199fcd8c7204b8b908fa40ad8e14730&action=view
http://www.cs.ut.ee/sites/default/files/2016/loput88d/DEFENCE%20OF%20CYBER%20SECURITY%20CURRICULUM%20THESES_in%20Tallinn_2016.pdf

Cybersecurity related bachelor’s and master’s theses in University of Tartu 2015/2016

university_of_tartu_logo

Defense committee: Dominique Unruh (chairman), Siim Karus, Vitaly Skachek, Dirk Oliver Theis, Raimundas Matulevicius.

A Cost-Effective Approach to Key Management in Online Voting Scenarios
Abstract: Since smart cards both offer reasonable prices and expose an API for development, this document evaluates different approaches to implement threshold encryption over smart cards to support an electoral process.
Student: Sergio Andrés Figueroa Santos
Curriculum: NordSecMob (MSc)
Supervisor: Sven Heiberg, Helger Lipmaa, Tuomas Aura
Reviewer: Ivo Kubjas
Defense: 02.06.2016, 09:00, Liivi 2-405

Revision of Security Risk-oriented Patterns for Distributed Systems
Abstract: In this thesis, we target the secure system development problem by suggesting application of security risk-oriented patterns. The applicability of these security risk-oriented patterns is validated on business processes from aviation turnaround system.
Student: Silver Samarütel
Curriculum: Software Engineering (MSc)
Supervisor: Raimundas Matulevicius
Reviewer: Alexander Horst Norta
Defense: 02.06.2016, 09:00, Liivi 2-405

Role Based Access Control as SecureUML Model in Web Applications Development with Spring Security
Abstract: In order to support and simplify the model-driven approach for a web application development with Spring platform, realization of a concept plugin for Eclipse IDE is proposed. This plugin supports the recognition of Spring Security notations with capability to visualize the RBAC model on top of them.
Student: Andrey Sergeev
Curriculum: Cyber Security (MSc)
Supervisor: Raimundas Matulevicius
Reviewer: Henri Lakk
Defense: 02.06.2016, 09:00, Liivi 2-405

Secure and Efficient Mix-Nets
Abstract: This thesis studies a zero-knowledge shuffle argument proposed by J. Furukawa in 2005. Firstly, we provide a more detailed and easily readable description of the shuffle and shuffle-decryption zero-knowledge protocols than in the original paper. Secondly, we provide two new characterizations of a permutation matrix and two simple modifications of the shuffle protocol that reduce the computational complexity.
Student: Janno Siim
Curriculum: Computer Science (MSc)
Supervisor: Helger Lipmaa
Reviewer: Sven Laur
Defense: 02.06.2016, 09:00, Liivi 2-405

A Comprehensive Protocol Suite for Secure Two-Party Computation
Abstract: In some scenarios, a two-party model is a better fit when no natural third party is involved in the application. In this work, we design and implement a full protocol suite for two-party computations on Sharemind, providing an alternative and viable solution in such cases.
Student: Sander Siim
Curriculum: Computer Science (MSc)
Supervisor: Dan Bogdanov, Pille Pullonen
Reviewer: Dominique Unruh
Defense: 06.06.2016, 09:00, Liivi 2-405

An improved type system for a privacy-aware programming language and its practical applications
Abstract: he goal of this thesis is to make it easier to add protection domain kinds to the SecreC language by allowing the programmer to define the protection domain kind data types, arithmetic operations and type conversions in the SecreC language without changing the compiler.
Student: Ville Sokk
Curriculum: Computer Science (MSc)
Supervisor: Dan Bogdanov, Jaak Randmets
Reviewer: Vesal Vojdani
Defense: 06.06.2016, 09:00, Liivi 2-405

Energy Harvesting in Cooperative Communications
Abstract: Energy harvesting (EH) is a crucial technology for a variety of wireless systems that have limited access to a reliable electricity supply or recharging sources. In this thesis, the design of a multiple access relay system (MARS) using EH is considered.
Student: Akashkumar Rajaram
Curriculum: Cyber Security (MSc)
Supervisor: Nalin Jayakody, Vitaly Skachek
Reviewer: Bin Chen
Defense: 06.06.2016, 09:00, Liivi 2-405

Security of Eduroam Passwords
Abstract: The University of Tartu has decided that the university’s eduroam accounts will share the same user credentials as the rest of the university’s services. This could potentially be abused by exploiting weaknesses in wireless security in order to gain access to a user’s university account. The aim of this research was to uncover any such weaknesses.
Student: Raul-Martin Rebane
Curriculum: Computer Science (BSc)
Supervisor: Dominique Unruh
Reviewer: Meelis Roos
Defense: 06.06.2016, 09:00, Liivi 2-405

Applying a Security Testing Methodology: a Case Study
Abstract: This thesis aims to describe and apply a process necessary to verify the security of a web application. A checklist of security requirements was gathered combining OWASP ASVS web application security standard and OWASP Top Ten project.
Student: Karin Klooster
Curriculum: Computer Science (BSc)
Supervisor: Meelis Roos, Margus Freudenthal
Reviewer: Kritjan Krips
Defense: 08.06.2016

Word frequency based log analysis
Abstract: The purpose of this bachelor thesis is to explore if you can use word frequency based analysis for log files and find interesting events without knowing the log structure.
Student: Karl Lääts
Curriculum: Computer Science (BSc)
Supervisor: Meelis Roos
Reviewer: Artjom Lind
Defense: 08.06.2016

Randomly Distributed PIN Code Input Layout
Abstract: This thesis examines the possibility of reducing the visual security breach of PIN code input by randomising the input field.
Student: Rain Tõugjas
Curriculum: Computer Science (BSc)
Supervisor: Tauno Palts, Kristjan Krips
Reviewer:
Defense: 08.2016

Smart Home Hacking
Abstract: This work investigates the security and privacy issues found at an emerging smart home technology such as the CoSSMic platform.
Student: Suela Kodra
Curriculum: NordSecMob (MSc)
Supervisor: Danilo Gligoroski, Marie Moe, Dominique Unruh
Reviewer: Raimundas Matulevičius
Defense: 18.08.2016, 09:30, Liivi 2-403

Cache-Timing Techniques: Exploiting the DSA Algorithm
Abstract: This work explains some of the cache-timing techniques commonly used to exploit vulnerable software. Using a particular combination of techniques and exploiting a vulnerability found in the implementation of the DSA signature scheme in the OpenSSL shared library, a cache-timing attack is performed against the DSA’s sliding window exponentiation algorithm.
Student: Cesar Pereida Garcia
Curriculum: NordSecMob (MSc)
Supervisor: Billy Bob Brumley, Dominique Unruh, N. Asokan
Reviewer: Arnis Paršovs
Defense: 26.08.2016, 11:00, Liivi 2-403

Links:
https://comserv.cs.ut.ee/ati_thesis/index.php?year=2016
http://www.cs.ut.ee/sites/default/files/2016/loput88d/Kaitsmiste%20ajakava.pdf

IT Law Conference on Legal Technology

it_law_conference_legal_technology

9:00 – Registration and Coffee
9:30 – Welcome and Introduction
Ülle Madise, Chancellor of Justice in Estonia
Helen Eenmaa-Dimitrieva, Director of the IT Law Programme, University of Tartu
9:45 – Keynote Address
Hannes Vallikivi, Chairman of the Board, Estonian Bar Association
10:15 – Innovative Technologies Influencing the Legal Sector
Ermo Täks, Associate Professor, Tallinn University of Technology
10:45 – Interoperability between IT and Law
Priit Parmakson, Architect, Estonian Information System Authority
11:15 – Blockchain Technology and the Law
Alex Norta, Associate Professor, Tallinn University of Technology
12:00 – Lunch Break
13:00 – IT Law Lab
Laura Kask, Legal Advisor at the Department of State Information Systems, Estonian Ministry of Economic Affairs and Communications
Ave Lauringson, Leading Specialist at the Information Society Unit, Estonian Ministry of Economic Affairs and Communications
Ave Piik, Head of the Intellectual Property and IT Law Commission, Estonian Bar Association; Head of IP/IT, COBALT
Karmen Turk, Litigation Attorney, Triniti Law Firm; Expert, Council of Europe; Visiting Lecturer in IT Law, University of Tartu
14:00 – Launch of the Legal Tech Competition
Hannes Vallikivi, Chairman of the Board, Estonian Bar Association
14:10 – 3-minute Pitches from Legal Startups
14:30 – Keynote Address: From Research to Innovative Legal Tech Products
Anna Ronkainen, Chief Scientist and Co-Founder, TrademarkNow
15:30 – Coffee Break
16:00 – Compliance and Digitalization. Launch of MyFondia Legal Platform
Bradley Mitchell, Senior Legal Counsel, Fondia
Anti Kodar, Managing Director, Fondia Baltic
17:00 – The Future of Legal Services
Risto Hübner, Chief Legal Officer, Nortal; Founder, Estonia Legal Hackers (Moderator)
Bradley Mitchell, Senior Legal Counsel, Fondia
Anna Ronkainen, Chief Scientist and Co-Founder, TrademarkNow
Tanel Erik Podar, Legal Counsel, Fortumo
Hannes Vallikivi, Chairman of the Board of the Estonian Bar Association
17:45 – Closing Remarks
Anne Veerpalu, Visiting Lecturer in IT Law, University of Tartu; Associate Partner, NJORD Law Firm; Founder, Estonian Legal Hackers
18:00 – Networking and Snacks

Links:
http://www.oi.ut.ee/en/studies/it-law-conference-legal-technology

RIA Cyber Security Report 2015

RIA_cybersec_report_2015

Some insights:

2015 proved that the continuity of vital services can be affected, or even crippled, by simple ransomware campaigns that weren’t even intended to disrupt those services.

Around-the-clock manned monitoring of Estonian cyberspace has taken place since the summer of 2015. We also adopted new and improved monitoring technologies.As a result of the around-the-clock monitoring, we have prevented, discovered, and reacted to signifcantly more security incidents than in past years.

In 2015, the lessons learned from the CyberHEDGEHOG 2015 exercise, the amendment of the Emergency Act, and the adoption of the European Union Network and Information Security Directive (NIS) confrmed the need for a clear cyber security law that takes into account modern conditions.

In 2015 we became convinced about the necessity of thoroughly analysing both the legal questions associated with using cloud technologies and the risks connected to the integrity and confidentiality of data being processed in the cloud as well as the need to develop sufficient security measures to minimise those risks.

While European Union structural funds have been a welcome source of support for Estonian cyber security development, and indeed for the whole country’s IT development, it is clear that this situation is not sustainable for the country in the long term.

Links:
https://www.ria.ee/public/Kuberturvalisus/2015-RIA-Annual-cyber-report.pdf

Russian special forces operated fake GSM base station in Pärnu

imsi-catcher_Parnu

In April 2015 NATO brought their special forces to Estonia for a secret NATO exercise. In the days that followed Russia unleashed a series of aggressive counter measures to monitor their exercises.

Estonian signals intelligence quickly discovered an IMSI-catcher – a false cell phone tower in the local cellular network. NATO believes that the Russians attempted to identify the key NATO personnel.

Classified NATO report: “The ghost tower came online briefly twice during the day. It overtook all local towers and hijacked all the local recipients before it dropped offline.”

Links:
https://www.aldrimer.no/claims-russian-special-forces-are-operating-inside-estonia/
http://news.postimees.ee/3680481/experts-say-lion-s-share-of-nato-leak-is-hot-air
http://tehnika.postimees.ee/3682041/drooniluureskandaal-eestlaste-koned-on-rangelt-kapo-kontrolli-all

District Court acquits alleged Ministry of the Interior user account blocker

ministry_of_the_interior_estonia

The District Court of Tallinn acquitted Mart Pirita (45), who was accused of locking down the e-mail accounts of the Minister of the Interior Hanno Pevkur and the Director General of Police and Border Guard Board (PPA) Elmar Vaher, because his guilt was not proved.

The District Court overruled the previous verdict by Harju County Court. The Harju County Court convicted Pirita and imposed a financial penalty of 270 daily rates, which is EUR 13’159.80.

The Prosecutor’s Office accused the ex-employee of IT and Development Centre at the Estonian Ministry of the Interior (SMIT) of illegal disrupting of computer systems by entering data. According to accusation, in August 2014 Pirita entered without permission different incorrect passwords for 14 user accounts in SM jurisdiction, which resulted in these user accounts being blocked. The attack was performed through TOR network which allows using the Internet anonymously and hide one’s tracks. The accusation noted that Pirita may have been motivated by the termination of his employment contract.

Presenting as a witness in the court, Tiit Hallas, the head of information security of SMIT described to the court that TOR network is used by child pornography and malware distributors. During the attack an IP address belonging to the company E-Positive.ee owned by Mart Pirita was logged into the TOR network.

The District Court found that the County Court made mistakes in evaluating the evidence and accidentally attested that the act was performed by Mart Pirita. Only the fact that Mart Pirita used the TOR network is not sufficient, as anyone using the network at that time could have performed the illegal act. The evidence collected by the prosecutor do not show direct relation to the act. The District Court admitted that several circumstances hinted that the blocker was related to SMIT but this is not enough for convicting someone. There are no direct evidence and indirect evidences are weak, found the District Court.

Links:
http://www.postimees.ee/3657891/ringkonnakohus-moistis-oigeks-hanno-pevkuri-ja-elmar-vaheri-vaidetava-meilikontode-lukustaja

Supreme Court declares mediation of Bitcoins subject to anti-money-laundering supervision

bitcoin_logo

Yesterday’s verdict put an end to longstanding doubts whether trades with the cyber money should be treated as economic activity requiring special permit or not – in a landmark stand, Supreme Court declared mediation of Bitcoins an economic activity subject to anti-money-laundering supervision.

Uku Tampere, Police and Border Guard Board press representative:

For ordinary people buying or selling cryptocurrency in occasional transactions for own use, the Supreme Court judgement essentially alters nothing. However, when an individual begins to publicly offer cryptocurrency mediation service, he needs to apply for activity licence and meet the requirements prescribed by Money Laundering and Terrorist Financing Prevention Act.

Links:
http://news.postimees.ee/3652435/supreme-court-subjects-bitcoins-trade-to-money-laundering-rules
http://news.err.ee/v/business/5659f790-778f-4710-807e-782281aff8a0/supreme-court-bitcoin-has-financial-value-hence-trading-it-to-be-considered-economic-activity