DDos cyberattacks against Estonian state websites continued on Friday after halting temporarily on Thursday evening, the State Information System Authority (RIA) said. Their impact so far has been "modest".
"On Friday, they did not have much of an impact on users," said Tõnu Tammer, head of RIA's Cyber Incident Handling Department (CERT-EE).
"There have been situations where an under attack website was unavailable for a short time. When we saw something like this, we made technical corrections as soon as possible to stop the attack. So far, the impact on people has been very small," Tammer said, adding RIA is working with its partners to keep it this way.
Almost 700 million malicious inquiries have been made to Estonian websites between Friday morning and noon, mostly from outside of Europe, preliminary data shows.
"We can guess who could be behind the attacks but it is not wise to share unverified information. Mentioning a group also gives them attention they don't actually deserve," Tammer said.
Websites targetted so far include the president (president.ee), Ministry of Foreign Affairs (vm.ee), Police and Border Guard Board (politsei.ee), digital state services portal (eesti.ee), the ID card information page (id.ee), NATO Cooperative Cyber Defence Centre of Excellence (ccdcoe.org), state train company Elron (elron.ee) and tallinn-airport.ee.
The initial attacks started at 4 p.m. Thursday with the aim of overloading websites and temporarily stopped users from accessing some state websites. They stopped at 11 p.m. but then restarted overnight.
RIA believes they may have been timed to coincide with the Locked Shields cyber defense exercise which ended today.
What is a DDoS attack?
A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
DDoS attacks achieve effectiveness by utilizing multiple compromised computer systems as sources of attack traffic. Exploited machines can include computers and other networked resources such as IoT devices.
Editor: Helen Wright