Text size




2013 Annual Report Cyber Security Branch

This report is a summary of the most important events and topics of 2013 in the cyber security of Estonia.

2013 was a relatively peaceful year in Estonia as far as serious incidents are concerned. The number of classic isolated incidents decreased compared to earlier years, while we saw incidents that received wider attention, where cyber incidents were but a part of a carefully designed information warfare operation. Of such combined operations, the most conspicuous. 13 cases of DDoS attacks were registered in Estonia by RIA in 2013; defacements were much more numerous: 240 cases.

There was a significant development in the number, regularity and quality of reports presented to RIA by state institutions. On January 1, a Government regulation entered into effect that obliges state institutions to inform RIA of important incidents and make quarterly summaries of same. All in all, state institutions informed RIA of 135 incidents last year. Availability incidents were reported most often. There were less reports of cases related to integrity and confidentiality. Although communication with the heads of cyber security of state institutions was constant and information about the most important incidents reached RIA even before the regulation, the regulation-based reporting system has significantly organised the system; it also provides an opportunity to pay more attention to the impact of an incident.

Several reports of phishing campaigns, infected webpages and service attacks came from schools/ colleges in 2013: at least 7 campaigns were organised against educational establishments, and kindergartens were also affected. There was one case in which the phone system of an educational establishment was hacked into and hundreds of long distance calls were made.

A new phenomenon was the voice phishing (vishing) wave. A person introducing himself as a representative of Microsoft encouraged non-suspecting computer users to download a program and/or disclose passwords that would enable the impostor to access the victim’s computer and, through that, their bank account.

In preventing cyber risks, RIA continued to pay a great deal of attention to training, international cyber-exercises, and penetration tests of state institutions and critical service systems. An important milestone was the completion of another study of the lifecycle of cryptographic algorithms. It was a clear reminder that in the next 2-5 years, Estonia will have to replace several crypto-solutions, including the ones used in digital ID, m-ID and ID cards issued before 2011.

Of changes in the legal framework, the most important in 2013 was initating the Law Enforcement Act Amendment and Application Act which enhances the rights of RIA in the supervision of state databases. The amendment will became effective from July 1, 2014.

This report is aimed at strategists and specialists ensuring cyber security and interested in the field. The authors do not presuppose a deep knowledge of IT, and they will gladly receive questions or comments at riskihaldus-at-ria.ee.

2013 Annual Report Cyber Security Branch of Estonian Information System Authority (.pdf, 836 KB)

Topic: CERT, Cyber Security

Added 07.07.2014

Back to page "News"