Language switcher

You are here

Head of CERT-EE: Estonia’s capability to manage cyber crises has improved significantly in 10 years

The conference “The present and future of cyber security”, which is dedicated to the anniversary of the large-scale cyber-attacks against Estonia in 2007, is taking place today. The conference includes discussions about the activities of the time, as well as the current situation and challenges of Estonian cyber security.

According to Klaid Mägi, Head of the Incident Response Department of the Estonian Information System Authority (RIA), the cyber-attacks of 2007 were not technologically sophisticated, but in terms of scale and coordination, they were exceptional for that time.

“Due to technological developments and the security environment, the current situation of cyber threats is much more diverse and complex. On a daily basis, RIA and our partners are dealing with more and more complex information systems, larger-scale attacks and the extensive diversity of targeted platforms, as well as users demanding convenience and simplicity. We live in an era where cybercrime is the safest way to commit a crime, which is why cybercrime today sporadically exceeds the volumes of physical crime. Cyber-attacks have also become an integral part of military conflicts,” said Mägi, Head of CERT-EE.

“In the past ten years, Estonia’s preparedness to handle cyber crises has significantly increased for certain. We have created intrusion detection and protection systems, practised cooperation with both public and private institutions, significantly contributed to the awareness of users, and we are also participating in intensive international cooperation – all this to better cope with crises,” added Mägi.

The events of 2007 were significant in the development of Estonian cyber security, as they contributed to the awareness of cyber threats and helped strengthen the security measures of the entire world, from various countries to international organisations. After those events, the international image of Estonia as a “cyber nation” emerged.

From 27 April to 18 May 2007, extensive denial-of-service attacks (DDoS) were targeted at Estonian websites. The attacks began with the public sector as, for example, the state portal and the websites of the government, the president, the Riigikogu, and the ministries of foreign affairs and defence were attacked. Later, the education sector, the media, and private websites were attacked as well. The successful and tight cooperation between the Estonian IT community and support from foreign partners is what helped combat the attacks efficiently.

The conference “The present and future of cyber security” is organised by the Estonian Information System Authority from the EU structural funds support scheme “Raising Public Awareness about the Information Society”, funded by the European Regional Development Fund. Publicon OÜ assists with conference organisation.

More news on the same subject


Further explanation of the Information System Authority (RIA) on data theft

People whose document photo was illegally downloaded do not have to get a new document or a new photo. The incident has no impact on ID-cards, Mobile-ID, Smart-ID or e-services.


The Police and Border Guard Board and the Information System Authority stopped the illegal downloading of data

28.7.2021 – Experts of the Information System Authority (RIA) have stopped the mass downloading of document photos from the identity documents database. The downloading was made possible via a security vulnerability in the photo transfer service managed by RIA. The police have detained a suspect and initiated criminal proceedings to establish the circumstances of the incident.