Notifications of cyber incidents doubled in 2018

Front Page of the Annual Cyber Security Assessment 2019

Last year, the Information System Authority received several times more notifications of cyber incidents than in previous years. Most of the financial damage was caused by invoice fraud.

According to Uku Särekanno, the Director of Cyber Security of the Information System Authority, the increase in incidents is caused by increased awareness and a clearer understanding of the situation. ‘We receive more notifications of cyber incidents because people are generally more aware. Institutions and enterprises have also submitted significantly more information compared to previous years, because according to the Cybersecurity Act that entered into force last spring, state authorities as well as vital service providers are now obligated to notify us. We have also improved our own capabilities of detecting cyber incidents, because criminals are more active with every passing year,’ Särekanno explained.

The highest number of incidents – over half of all registered cases – was caused by malware that recruited infected devices into botnets. Huge damage was also caused by ransomware that affected large enterprises as well as small family health centres. Phishing campaigns occurred in Estonia in waves, aiming to steal either the passwords or the credit card data of users. We also detected and fixed several systems that contained security risks and errors, causing service disruptions. Companies were harmed by the increasing occurrence of financial fraud, including e-mail compromise, or e-mail spoofing, used by criminals to send hundreds of fake invoices. Such instances of invoice fraud caused over half a million euros’ worth of damage. The Information System Authority receives weekly notifications of spoofed e-mail conversations and money transfers to criminals.

‘Cybersecurity is of critical importance because a large number of people operate with various IT devices daily and all procedures are based on digital solutions. Criminals do not choose their victims, but find the weakest link – either a user with little knowledge of computers or sore spots of neglected systems that weaken all devices. Careless and uninformed actions may cause serious consequences and, in worst cases, economic damage or a disruption in vital services that affect many people. Cybersecurity is not the sole concern and responsibility of IT specialists. It affects us all, which is why it requires attention and resources,’ Särekanno said.

Last year, the CERT-EE division of the Information System Authority registered 17,000 cases, which is 6,000 more than in 2017. Approximately 3,400 cyber incidents were registered that affected systems or data, whereas nearly a hundred incidents were considered high-priority.

In addition to the assessment by the Information System Authority, an annual overview on security and safety is provided by Estonian and foreign partners.

The Annual Cyber Security Assessment 2019 (4.35 MB, PDF)
