Text size




The amount of dangerous cyber incidents in Estonia has increased over the years

The annual report 2014 on cyber security prepared by the Estonian Information System Authority (RIA) shows that 2014 did not differ significantly from 2013 by total amount of incidents, but the higher criticality of consequence of incidents was clearly visible.

There was a slight increase in the percentage of incidents that had actual consequences for the institutions and users; for example, the use of document management system was disabled or, in more severe cases, digital prescription or Schengen information systems were not accessible. The main reasons listed as causes for these incidents included data communication disruptions, power cuts, software and configuration malfunctions, as well as attacks.

The total number of incidents handled by RIA and CERT-EE was nearly the same – 1,151 handled incidents in 2014; 1,164 incidents in 2013. The percentages of  different types of incidents (defacement, infections, and phishing) are also similar. The change becomes evident when assessing the nature of incidents –there are more wisely and precisely targeted attacks that affect the services or reputation of the state, or both.

Out of all the handled malware incidents, the ones that took place via the Elron website are most noteworthy. The website of a company providing important transport services was hacked into and used repeatedly to spread malware. Considering that “Elron” was the most googled word in Estonia in 2014, the incident undoubtedly had a large-scale effect. This proves a need to acknowledge information security topics in organisations and the society on a wider scale, and in a more serious and consistent manner.

Toomas Vaks, Deputy Director of RIA in the Field of Cyber Security, writes in the foreword to the annual report that the globally worsened security context also reflected in the incident statistics – the number of incidents related to foreign special service activity has increased significantly. Over the year, many denial-of-service attacks occurred that test the limits of Estonian e-services.

Vaks estimated that several critical disruptions clearly proved the fact that the functioning of the Estonian state, including the external border guard and the functioning of internal security, is today dependent on the Estonian state network and the data communication between the state institutions.

“The high level of trust also sets increasingly higher expectations to guaranteeing cyber security and the capabilities of managing incidents and crises,” wrote Vaks.

Read the summary on RIA’s website: www.ria.ee/public/Kuberturvalisus/RIA-Kyberturbe-aruanne-2014_ENG.pdf (2.9 MB)

Topic: Cyber Security

Added 30.03.2015

Back to page "News"