Text size




Head of RIA: last year was proof that securing the digital lifestyle requires investing in the security of information systems

The number of cyber incidents registered in Estonia has been increasing for several years. There are several reasons for this.

‘First of all, criminals take more advantage of our digital lifestyle, meaning that there are more attacks. Secondly, the capability of detecting cases has improved. The more we investigate, the more we discover. Additionally, companies are more aware and put more emphasis on cyber security, meaning that more anomalies are reported,’ said Taimar Peterkop, the Director General of the Information System Authority.

In spite of improved awareness, readiness in various sectors is uneven and the owners of equipment do not discover many incidents that endanger the users of the services in addition to the owner of the systems. ‘The attacks are still targeted at the health sector, energy companies, and public authorities, the functioning of which affects the well-being and lives of people. Ransomware campaigns, which aim to paralyse systems and blackmail the victims, are well-thought-out attacks, against which it is very difficult to defend oneself fully. We must contribute to information systems and their security in the same way we do to, for example, the follow-up trainings of doctors, because even the skills of the best doctor may not be enough if the medical history and treatment information are unavailable due to an attack on the systems. This can be illustrated with the extensive campaigns from last year, such as WannaCry and NotPetya, which fortunately did not cause major losses for Estonia, said Peterkop.

Last year was challenging for Estonia and the world as a whole: weaknesses in popular smart and digital devices were discovered and the personal data and passwords of millions of people were leaked. ‘The Estonian digital state was able to overcome one of the biggest challenges – the security risk of the Estonian ID-card was resolved successfully. People continued to use e-services and have confidence in digital identity. Many other countries were not so lucky. However, such challenges in the cyber world are becoming more and more serious and we need to be well prepared for them. Criminals or hostile nations whose intention is to manipulate information, earn easy money in a criminal way, or undermine their opponent’s credibility, take advantage of every opportunity. We have to be one step ahead of them – we have to do everything possible to be as thorough and careful in the digital world as possible, protect our systems, and, if necessary, ask the state for help.’

Last year, the Incident Response Department of the Information System Authority recorded about 11,000 cyber security cases – one third more than in 2016. Last year, 122 incidents were registered that had a direct impact on a service vital to the functioning of the state and society – the lowest figure in the last three years. Last year, 32 known cyber incidents took place in the Estonian healthcare sector, and ten of these cases had a direct influence on the work of hospitals and general practitioners.

Annual Cyber Security Assessment 2018 (.pdf, 2.36 MB)

Topic: CERT, Cyber Security

Added 06.06.2018

Back to page "News"