This July, the Estonian State Information System Authority (RIA) is launching a cyber awareness campaign to draw attention to some of the dangers that lurk in Estonian cyberspace and may lead to both businesses and individuals being deprived of important data, access to accounts and money.
The campaign calls on people to be more aware of their online behavior and to test their IT skills.
"Reports of someone losing money online have become commonplace. The sums involved are not small, sometimes running into the thousands of euros. Unfortunately, either due to carelessness or lack of awareness, people often make life much easier for cyber criminals. We have seen over a number of years that greater awareness of the dangers lurking in cyberspace can help, both in protecting individuals and maintaining healthy online systems," said Märt Hiietamm, head of the RIA's Analysis and Prevention Department.
The cyber awareness test has been available to everyone since June and consists of a series of engaging and practical instructional videos, which explain how to protect yourself from common cyber threats. There is also a 12-question test for users to assess their knowledge.
"A lot of scams and other cyber incidents would be a thing of the past if people followed basic cyber hygiene rules. The videos and the test have been designed precisely for the explanation and reinforcement of these rules," said Märt Hiietamm.
The campaign will run until August 4, with messages to promote it also appearing on city streets and in the Estonian media. An additional 10-part cyber security series called "Ohtlik klikk" ("Dangerous Click") will be launched on July 3 on Kuku Radio (in Estonian), with new episodes airing on Mondays.
The aim of the series is to inform the public about the dangers and issues of operating in cyberspace, as well as highlight their personal responsibility for preventing and dealing with the consequences of cyber incidents.
In the first five months of this year, the RIA recorded around 550 phishing scams, whereby scammers trick people into giving out their bank card details and PIN codes. The agency also recorded around 1,200 incidents in which the confidentiality and availability of data or information systems were affected. Around 5,000 devices infected with malware were also detected.
Some examples of these cyberattacks include:
1. In May, RIA's Cyber Incident Handling Department (CERT-EE) was alerted to a large number of messages sent on behalf of various service providers, which contained a link to a data collection page created by criminals. These incidents were particularly frequent for emails sent on behalf of postal service providers. At the start of the year, there was also an increase in the number of Smart-ID user data phishing attacks.
2. Email and social media account takeovers are on the rise. In general, this means users can no longer access their own accounts due to the associated email address and/or password having been changed. As access to email accounts is often required for the recovery of passwords for a number of other online environments, this also often gives attackers the opportunity to change users' other passwords as well.
3. In May, a well-known technology company's online shop was hit with a cyberattack, resulting in a malicious script being installed on its website. The attack was possible because the company had not updated the relevant software.
4. Emails are being sent on behalf of universities with attached DOCX files infected with Trojan horse-type malware. When opened, the files enable the attacker to gain access to the user's device.
5. In March, a Tallinn-based furniture manufacturer was hit by a billing scam whereby one of its customers based abroad was sent an invoice from the company's email account containing the bank details of the scammers.
6. In March, hundreds of websites in Estonia that may have been infected with a spyware called RedStealer were identified. This malware is designed to steal usernames and other sensitive data.
7. In February, a ransomware attack was launched against an IT service provider, encrypting data and backups on servers and workstations. The incident disrupted the operations of two of the companies to which the attacked IT company provides services.
The online materials and test are available in English here.
Editor: Michael Cole