Notifications of cyber incidents doubled in 2018


Last year, the Information System Authority received several times more notifications of cyber incidents than in previous years. Most financial damage was caused by invoice fraud.

According to Uku Särekanno, the Director of Cyber Security of the Information System Authority, the increase in incidents is caused by increased awareness and a clearer understanding of the situation. ‘We receive more notifications of cyber incidents because people are generally more aware. Institutions and enterprises have also submitted significantly more information compared to previous years, because according to the Cybersecurity Act that entered into force last spring, state authorities as well as vital service providers are now obligated to notify us. We have also improved our own capabilities of detecting cyber incidents, because criminals are more active with every passing year,’ Särekanno explained.

The highest number of incidents – over half of all registered cases – was caused by malware that made infected devices part of botnets. Huge damage was also caused by ransomware that affected large enterprises as well as small family health centres. Phishing campaigns occurred in Estonia in waves, aiming to steal users' passwords or credit card data. We also detected and fixed several systems that contained security risks and errors, causing service disruptions. Companies were harmed by the increasing occurrence of financial fraud, including e-mail compromise, or e-mail spoofing, used by criminals to send hundreds of fake invoices. Such instances of invoice fraud caused over half a million euros’ worth of damage. The Information System Authority receives weekly notifications of spoofed e-mail conversations and money transfers to criminals.

‘Cybersecurity is of critical importance because a large number of people operate with various IT devices daily and all procedures are based on digital solutions. Criminals do not choose their victims, but find the weakest link – either a user with little knowledge of computers or sore spots of neglected systems that weaken all devices. Careless and uninformed actions may cause serious consequences and, in the worst cases, economic damage or a disruption in vital services that affect many people. Cybersecurity is not the sole concern and responsibility of IT specialists. It affects us all, which is why it requires attention and resources,’ Särekanno said.

Last year, the CERT-EE division of the Information System Authority registered 17,000 cases, which is 6,000 more than in 2017. Approximately 3,400 cyber incidents were registered that affected systems or data, while nearly a hundred incidents were considered high-priority.

In addition to the assessment by the Information System Authority, an annual overview on security and safety is provided by Estonian and foreign partners.

The Annual Cyber Security Assessment 2019 (4.35 MB, PDF)
