“Trying to portray activity”: how Lithuania initiated the creation of a European rapid reaction force for cyberthreats

Six European countries have agreed to join forces in the fight against cyber threats through the development of a joint rapid reaction force in this area. Lithuania, Estonia, Poland, Croatia, the Netherlands and Romania signed an agreement according to which the international Cyber ​​Rapid Response Team (CRRT) will be constantly deployed in standby mode at several physical objects in order to quickly repel a possible attack.

The corresponding memorandum was signed in the Croatian Zagreb. As noted in the message published on the website of the Lithuanian Ministry of Defense, the response team will be active not only in the virtual space, but will also be connected to the physical investigation of incidents and hacker attacks.

In addition, the international unit will be able to take preventive measures and assess the level of cyber vulnerability, supporting both members of the agreement and partner countries.

“These are fundamentally new international response forces to cyber threats, led by Lithuania and formed on its initiative,” said Lithuanian Minister of National Defense Raimundas Karoblis after signing the memorandum.

According to him, now all countries are facing problems in the field of cybersecurity.

“We need to unite, because the cyber war is already going on, and it knows no boundaries. It is also a good example of how EU countries can use non-military means to enhance Europe’s security and support NATO’s defense and deterrence efforts, ”Karoblis added, noting that the creation of CRRT will bring EU member states' cyber security cooperation to a new practical level.

Critical vulnerability

According to experts, today the cybersecurity system in European countries, including Lithuania, really needs to be improved. As cyber security specialist Andrei Masalovich noted in an interview with RT, now the problem of protection against cyber threats is not only facing the poor countries of the Baltic states, but even the United States.

“Both during the exercises and during real hacker attacks, it was repeatedly found out that critical infrastructure is vulnerable to attackers who can safely take control of both nuclear power plants and the transport hub without resorting to conventional weapons. This applies not only to the Baltic countries. The defensive potential in this area among the countries of Europe and the USA is rather weak, ”Masalovich believes.

The Lithuanian side now hosts an international team formed by countries that have signed the memorandum. Each of the participating States will alternately lead the CRRT.

Another seven countries - Belgium, Greece, Spain, Italy, France, Slovenia and Finland - are currently in the status of observers of the project. However, in the future they may become its full participants.

• The signing ceremony of the Permanent Structured Cooperation - PESCO program
• Reuters
• © Yves Herman

According to the Lithuanian Ministry of Defense, Vilnius proposed the formation of a rotational rapid cyber reaction force of the EU as part of the Permanent Structured Cooperation - PESCO in 2017.

According to Raimundas Karoblis, he is very pleased that CRRT was the first PESCO project actually implemented.

As specified on the PESCO website, CRRT will allow participating countries to help each other in ensuring cyber resistance. Earlier, countries signed a declaration of intent, and also organized the first joint event. In 2019, the Netherlands became the first rotational member of CRRT, who offered their team of specialists to participate in the mission.

Recall that the Council of Europe adopted the decision to establish PESCO at the end of 2016, and a year later the program was officially launched: 25 European countries, 20 of which also belong to NATO, announced their readiness to join it. The tasks of PESCO include, in particular, supporting the European defense industry and the exchange of experience in the defense sector.

CRRT is not the only cybersecurity project initiated by PESCO. It is also planned to create a platform for the exchange of information on cyberthreats, to which seven countries have joined so far, as well as a coordination center, the creation of which six states are working under the leadership of the Federal Republic of Germany.

It should be noted that the Lithuanian authorities have long come up with the initiative to create a joint European response force in cyberspace.

So, back in 2017, President Dalia Grybauskaite put forward a similar idea. The politician voiced the proposal to create a “cyber Schengen”, speaking at the EU summit on digital technologies in Tallinn. According to Grybauskaite, national resources can no longer provide full protection for the digital space against the backdrop of the growing activity of cybercriminals who attack both government agencies and private Internet users. To achieve a tangible effect, EU countries need to unite to combat cyber threats, she said.

In the summer of 2018, the Minister of Defense of Lithuania Raimundas Karoblis has already announced the creation of a cybernetic rapid reaction force at the EU level. The Minister noted then that the international team will provide support to the EU member states faced with cyber threats.

According to experts, the attempts of the Lithuanian leadership to take a leading role in organizing pan-European cyber defense are largely dictated by the desire to improve the image of Lithuania. This point of view, in particular, is shared by the president of the Russian Association of Baltic Studies Nikolai Mezhevich.

“Of course, there is a certain connection between the level of scientific and technological development and the economy of a country and its successes in the field of cyber defense. You can inflate a frog as much as you like, but it will not reach the size of an elephant. The Lithuanian potential is extremely small, so local politicians are trying to portray great activity, being on the sidelines of world political processes, ”Mezhevich said in an interview with RT.

In his opinion, since the project is still, by and large, only on paper, it is not difficult for Vilnius and its partners to coordinate it.

“Washington has its own game”

In addition, according to Andrei Masalovich , the Lithuanian authorities also want to “show their significance” against the background of Estonia, which seized the initiative in the field of cybersecurity.

“For many years, Estonia has been the NATO cyber-showcase. Lithuania wants to show that it does not lag behind Estonia. True, at the purely technological and organizational level these are only intentions and plans, ”the expert said.

Back in 2003, before the country joined NATO, Estonia proposed the creation of a center on its territory to combat threats in cyberspace in cooperation with the North Atlantic Alliance. The center for joint protection against cyber threats (NATO Cooperative Cyber ​​Defense Center of Excellence - NATO CCD COE) began its work in 2008, at the same time the leadership of the alliance granted him the status of an international military organization.

In addition, NATO Cyber ​​Coalition is organized annually in Estonia. In 2019, they were held in Tartu, experts from 27 countries took part in the events. The participants worked out actions to protect the alliance networks in case of cyber threats in close to real conditions.

However, experts doubt that the European initiative to create a rapid response team will be approved by NATO. According to Andrei Masalovich, the efforts of the EU and the alliance on this issue have a different focus.

“Washington has its own game, it has no allies - either opponents or vassals. Therefore, it is unlikely that initiatives such as PESCO, or the creation of the European Union’s own rapid response forces in cyberspace, will be enthusiastically accepted by the American side and the NATO leadership, ”Masalovich concluded.