A "slightly" above average number of "cyber incidents" for the last six months was recorded by the Estonian Information System Authority (RIA) in July, the agency said on Wednesday. Monthly reports will now be published in English.
"The majority of incidents were phishing scams, as usual, denial-of-service attacks against Estonian government websites continued, and a hospital fell victim to a cyber attack," the agency said.
In total, 269 incidents "with an impact" occurred in July, which is "slightly above the average for the last six months" by the Incident Response Department of RIA (CERT-EE).
Automated monitoring also found 529 malware-infected devices – half the number found in the first months of the year.
The number of denial-of-service (DDoS) attacks has been stable in recent months, RIA said.
"Among other things, the domain name servers of the Ministry of Foreign Affairs and RIA, the school admissions information system sais.ee, and the website of the NATO CCDCOE were attacked in July. However, services were only disrupted for short periods or the attacks had no effect at all," the report said.
The agency also launched a campaign in July to make people aware of their online behavior and protect themselves. A 12-question test is available in Estonian, English, and Russian.
Hospital victim of a cyber attack
At the beginning of July, an Estonian healthcare institution notified CERT-EE of a cyber attack.
"The file server of the hospital had been wiped of data relating to the day-to-day operations and administration of the institution, but the health records of patients remained intact," RIA said.
The hospital had working backups and all data was restored.
The agency said, in recent years, it has been actively involved in the monitoring of healthcare institutions to ensure compliance with cyber security requirements and the availability of critical services.
Editor: Helen Wright