The number of cyber-attacks against Estonian media portals has doubled this year, in comparison with the preceding two years, the state's Information System Authority (RIA) says.
Whereas in 2020 RIA's cyber incident handling department, CERT-EE registered 13 incidents, of which six made an impact, and in 2021, it registered 11 incidents, seven of which made an impact, as of the end of August 2022, the figures were 27 incidents and 18 which had had impact, RIA says.
This was particularly the case with media houses, who experienced twice the volume of attacks in the first eight months of this year compared with 2020 or with 2021, a review from RIA's analysis and prevention department, which collated notifications of cyber attacks against media portals over the past three years, states.
Tõnu Tammer, head of the RIA CERT-EE department, said: "One of the reasons for this growth is definitely greater awareness - people and companies are reporting more and more cyber attacks to us every year."
"The [other] reason is certainly that Estonian media houses have been the target of pro-Kremlin cyber attackers in the current geopolitical situation, and the opposition to Russia's war [in Ukraine]. The attacks have become a means of foreign political influence, used when an unpopular decision is made in the eyes of the attackers,"
Attacks against portals primarily attempt to disrupt their work, and are also relatively easy to execute, Tammer said. "If the attack succeeds, it is immediately visible to all users, because the website would be down. This means the potential impact from DDoS attacks is relatively high," he said.
These flood a target site with heavy traffic volumes which overload the site, a bit like if 10,000 people all suddenly attempted to enter the same department store simultaneously, Tammer said.
RIA's analysis shows that the increase in the number of distributed denial-of-service (DDoS) attacks has contributed to the growth, as have scam pages imitating media portals, essentially a variant on the phishing scam which often involves replicating a trusted bank's website.
At the end of last month, news sites belonging to Estonia's two major private media companies, the Postimees Group and the Ekspress Group, came under DDoS attack.
Ekspress Media said while it had been experiencing such attacks for several years already, August's spate was more intense than previously.
Phishing emails, hacked accounts and data leaks are other types of attack which can be used for political, as well as financial, purposes, Tammer said, and urged the private media companies to analyze how they could better fend of cyber attacks.
RIA itself gives advice and guidelines on this, he noted, via its CERT-EE newsletter, its website, and the CERT-EE solution itself.
Editor: Andrew Whyte