Nato's one click ahead of a cyberspace threat

Mr Samuel, 35, is a "whitehat" - a "benign" hacker employed to hack into the computer systems of government and businesses to show their weaknesses. To the horror of his clients, it is a task he performs far too easily. If he hadn't been so busy last week, he was willing to demonstrate techniques to obtain the pin numbers and passwords to a Sunday Telegraph reporter's HSBC bank account. In England a while back he showed finance experts how to hack into the Bank of England website.

But altogether rather scarier was the stunt he pulled a few weeks ago, when he hacked into the computer system of a European airport (he declines to say which), posting a cartoon film on a television screen in the public lobby for ten minutes. For him, the purpose was to show the airport how easily its supposedly secure computer systems could be compromised. But for a less benevolent hacker, he says, it could have paved the way for a "cyberterrorism" attack.

"If you can hack into an airport you can manage anything," said Mr Samuel. "Even just putting a different message on the monitors could have dangerous - you could have told people there was a bomb about to go off, which would have forced them to shut down the airport for a whole day."

Until now, such nightmare scenarios have largely been only a concern for the likes of Bruce Willis in Die Hard IV, in which an attack on America's internet systems threatens to crash the country's stockmarket and power networks. Yet in Estonia, it is no longer the stuff of Hollywood but a reality.

Last April, the former Soviet republic fell victim to a massive cyber attack after a row over a decision to relocate a statue of a Red Army soldier from downtown Tallinn, a move which infuriated the country's ethnic Russian minority. As riots ensued, Estonia's banks and government were paralysed by a massive barrage of spam and hacking: some merely mischievous, such as grafting a Hitler moustache onto prime minister Andrus Ansip's website photo, others potentially fatal, such as the hack which for a few minutes disabled the country's emergency services telephone number.

More frightening still, though, was the widespread suspicion that the Russian government - which had backed the protests - was involved, a theory given credence by the co-ordinated nature of the attacks and evidence that some of the sabotage techniques were well beyond the capabilities of ordinary hackers.

"They were intended to destabilise the government and create anxiety and fear," Estonia's defence minister, Jaak Aaviksoo, told The Sunday Telegraph last week. "It was a form of cyberterrorism."

Be the threat from Russia, al Qaeda, or a James Bond-style criminal mastermind, Estonia now fears that what happened to them last year should now be a wake-up call for the rest of the Western world, where growing dependence on technology also brings growing vulnerability. The country is uniquely well-qualified to comment. Not only have they had real experience of such an attack, they are also one of the most advanced e-societies in the world, having rebuilt their rusting Soviet-era infrastructure virtually from scratch.

In Tallinn, a mixture of gleaming new high-rise blocks and cobbled medieval streets, nearly every transaction in life can be done electronically, from e-voting in elections through to paying parking tickets and receiving exam results by SMS text message. Many Estonians nowadays carry barely any cash, paying even for a cup of coffee with an online credit card.

Thanks partly to a formidable array of home-grown computer experts like Mr Samuel, the country managed to fend off the worst of April's cyberattack. Now, though, the Estonian government is extending its expertise internationally, by converting a Tsarist-era military barracks in Tallinn into the first-ever international cyberdefence school for NATO, which it infuriated Russia by joining in 2004. Staffed by around 30 cyberexperts from NATO member states, it will become fully operational later this year.

"Last year's attack was a dangerous violation of our way of life, where we have tried to create a more effective society through automating the flow of information," said Lieutenant General Johannes Kert, until recently Estonia's NATO attache. "The centre isn't just to collect Estonian know-how, but to collect the larger know-how and focus it to the needs of NATO."

Nestling between birch trees as silver as the Baltic winter sky, the squat, Soviet-era brick sentry house that guards the complex - known as "K5" in the Estonian military - looks like just another relic from the Cold War. But inside the barracks, Lt Gen Kert, who started his career in a Soviet armoured unit, is helping co-ordinate military exercises for a much more modern struggle - where the threats may involve not just tanks and missiles, but also the likes of "botnets" - networks of computers that are hijacked in huge numbers by clandestine viruses and then used, robot-like, to launch attacks on a country's infrastructure from within.

Also known as "zombie armies", they are alarmingly easy to recruit thanks to new developments in software. A clever hacker need do little more than plant a piece of hidden code on a commonly-used website, after which they can "hijack" any computer that visits it. It is thought an estimated million botnet computers were illegally harnessed for the assault on Estonia last year, many of them belonging to ordinary PC users in America, Britain and other countries who remained blissfully ignorant of the fact.

In criminal hands, botnets can assist with the mass hacking of people's bank accounts, by remotely monitoring which websites the user visits and then using a "keystroke logger" to work out pin codes and passwords typed on the keyboard. In a hostile government's hands, however, they can be the equivalent of infiltrating a neighbouring country with millions of undercover "cybersoldiers", unleashing them whenever required.

"In the case of weapons systems that are designed to defend countries, you really don't want your adversary to get hold of the command and control systems," said Kenneth Geers, an American cyberdefence specialist on secondment to the NATO school from the US Naval Criminal Investigative Service. While most governments have special security-encrypted software for military use, he warns, there remains the possibility of a "Cyber 9-11" through attacks on civilian infrastructure.

"I don't think we have seen the worst of what can happen in cyberspace yet," he said. "We wouldn't see the end of the world by a long shot, but that doesn't mean that vital national and critical infrastructure could not be affected."

The convenience which the internet brings to so many walks of life, he says, also applies to the world of cyberterrorism and cybercrime too. The last two years have seen the internet spawn an entire new criminal economy in so-called "malware", software specifically designed for malevolent activities like stealing credit card numbers and secure passwords.

According to Peeter Marvet, another leading Estonian cyberanalyst, many "malware" hackers now sell bespoke products online, also offering 24-7 "techie help" in case it goes wrong, making cybercrime an option not just for computer experts but for criminals and terrorists too. "It is like ordering a suit," said Mr Marvet. "You can buy the toolkits, the software, the service contracts to do whatever you want, say like capturing 80,000 computers to attack a bank."

One such example was the Gozi Trojan, which steals data and sends it to hackers in an encrypted form, sold for around £500 a time by a shadowy consortium of St Petersburg-based cybergangsters called the Russian Business Network. Run by a shadowy individual nicknamed Flyman, the network also offered "bulletproof" hosting for cybercrime groups to keep their operations safe from whitehat hackers.

Flyman, who mysteriously vanished from the internet late last year, is just one of many expert Russian hackers, who, along with the Chinese, are widely considered to be among the best in the business. That has prompted speculation that they may also have backing - tacit or otherwise - from their own countries' intelligence services, who view them as a useful - and deniable - means of probing other countries' internet security.

Whether the Kremlin really was involved in the attack on Estonia last year remains a mystery. Mr Aaviksoo concedes that in virtual reality, no "smoking gun" is left behind, but points out that afterwards, the Russian government declined Estonia's requests to investigate the many Russian-based internet sites involved in the attacks. "I am not sure that the willingness to co-operate was higher than in the case of (Alexander) Litvinenko," he said, referring to Russia's refusal to extradite the man accused of poisoning the former spy in London.

In the meantime, though, the more pressing question is not who did the last attack, but what they may be capable of next time. "It wasn't an all-out assault, rather than a testing and probing to see how we responded," said Mr Marvet. "We have learned from it, but whoever did it will have learned too."
