Large-scale Distributed Denial-of-Service (DDoS) attacks on Estonian state websites continued over the weekend, the state Information System Authority (RIA) said Sunday, though the rate of the attacks had fallen since Friday.
RIA Cyber Incident Handling Department (CERT-EE) director Tõnu Tammer said that: "At the same time, we must be prepared for attacks to continue for some time, while their volume may increase. We cannot rest on our laurels, but rather consider how to better mitigate the success of such attacks."
While sites are still under attack, malicious queries are being intercepted before they can negatively affect the systems, RIA says
RIA says the attacks which had begun Thursday last week continued through Saturday.
Tammer said that: "Several websites were attacked, with about 75 million queries being made to each of them. This means that attempts were made to overload the portals at several thousand times the [normal] load."
Tammer acknowledged that in the event of successful attacks, disruption of some sites cannot be ruled out.
He said: "We are also closely monitoring whether all other national IT systems are protected, in addition to the websites. We have not seen any anomalies so far."
RIA itself has also been targeted, though its counter-measures and those of its partners have so far held firm, Tammer added.
The attacks started around 4 p.m. last Thursday, halting temporarily that evening before resuming again on the Friday. RIA said on Friday that the DDoS attacks' impact had up to that point been "modest".
What is a DDoS attack?
A distributed denial-of-service (DDoS) attack is aimed at disrupting targeted server, service or network's normal operations, by overwhelming it and/or its surrounding infrastructure with high levels on internet traffic.
DDoS attacks also make use of multiple compromised computer systems, turning them into sources of attack traffic.
Editor: Andrew Whyte