A total of 190 significant cyber attacks were reported in September, the highest figure for any month this year. Several attacks took advantage of the education sector at its busiest time.
The start of the new school year was accompanied by a fresh upsurge in incidents affecting educational institutions, the state Information System Authority (RIA) says, with the Tahvel learning information system, and the moodle.edu.ee learning environment made available by the Education and Youth Board one example of this.
Retail and accountancy firms also reported incidents involving ransomware, BNS reports, including the use of encryption and the exploitation of incorrectly configured Remote Desktop Protocol (RDP). In one case, backup data was also encrypted, though RIA's CERT-EE ransomware decryptor was successfully used in recovering this.
Several phishing and malware campaigns, mainly presenting themselves as legitimate communications from SEB Bank and other banks.
Servers associated with Tallinn University of Technology, Tartu University Hospital and the Education and Youth Board (Haridus ja Noorteamet) were also the subject of attacks, while CERT-EE, a monitoring body which is a part of RIA, has since late summer provided infrastructure support to RIA to deal with the attacks.
To date, the tool has been used by almost 30 providers of critical services, at many of which it helped to identify both medium and high level security vulnerabilities. All companies that wanted to check their online services received an encrypted report from RIA on the results and, if desired, further advice on interpreting the results and eliminating the deficiencies, BNS reports.
In summer, a hacker was able to obtain nearly 300,000 personal ID photos from the national ID card system.
Editor: Andrew Whyte