Number of serious cyber-security incidents on the rise ({{commentsTotal}})

The Estonian Information System Authority's (RIA) annual report shows that although the number of cyber-security incidents in Estonia has not increased, the breaches have become more severe.

RIA handled a total of 1151 incidents in 2014, 20 percent of which were highly critical and 486 involved state institutions. The most common reasons for incidents were attacks, power cuts, data communication disruptions and software malfunctions.

Although the number of different types of incidents - e.g. defacement, malware, phishing - are comparable to those of 2013, they have become more dangerous in nature, affecting organizations and users alike. Moreover, there is an increasing number of carefully planned attacks that damage the reputation of the state and/or its services.

One of the most noteworthy malware incidents last year involved the state-owned passenger rail operator Elron. The website of the transport company was hacked and used to infect visitors's computers. As Elron was the most popular Google search term in Estonia last year, the damage was considerable.

The number of incidents related to foreign secret services has also significantly risen. Throughout the year, there were several denial-of-service attacks (22 in 2014, 13 in 2013) designed to test the limits of Estonian e-services.

RIA's Director of Cyber Security Toomas Vaks said that the critical disruptions clearly demonstrate how much the functioning of the state and its agencies, including internal security and the surveillance of external borders, relies on data communication between the state institutions.

"The high level of trust also sets increasingly higher expectations to guaranteeing cyber security and the capabilities of managing incidents and crises," Vaks wrote in the foreword of the report.

Elron's example too demonstrates the need for deeper understanding of cyber-security issues within organizations and in the society as a whole. "The main means for organizations, the state and each individual to increase their level of cyber security is to improve their skills and knowledge, in order to identify risks and have functioning back-up plans, in case something actually happens. To alleviate the consequences of the incidents, just having a plan B is not enough – we also need a plan C," Vaks said.

You can read the full report here.

Editor: M. Oll

Easter Monday a public holiday? But you're forgetting productionEaster Monday a public holiday? But you're forgetting production
Estonia’s Easter Monday time loop: Discussing an additional day off

Every year, Estonia reliably asks itself the question whether or not Easter Monday should be made a public holiday. Opinions differ. While one side emphasizes the importance of family time, the other thinks an additional day off would threaten economic growth.

Minister of Social Protection Kaia Iva (IRL).Minister of Social Protection Kaia Iva (IRL).
Samost: Kaia Iva’s charisma could help IRL out of long-term low

In Sunday’s “Samost ja Rumm” radio debate show, editor-in-chief of ERR’s online news, Anvar Samost, and journalist and former politician Hannes Rumm discussed the potential and actual candidates for the chairmanship of the Pro Patria and Res Publica Union (IRL). At the time of the broadcast, Helir-Valdor Seeder had not yet made his intention to run public.