Watchdog forecasts uptick in cyberattacks in Estonia
The Estonian Information System Authority predicts an increase in Distributed Denial of Service (DDoS) attacks in Estonia and the broader use of the Internet of Things (IoT) to amplify the intensity of these attacks.
During a Distributed Denial of Service (DDoS) attack, services located on the network are overloaded with incoming traffic. A similar situation occurs, for example, when submitting tax returns online, where due to excessive load, people cannot access the website.
On March 5, 163 DDoS attacks against Estonian websites and services were directed at the information and communication sector. On average, about ten DDoS attacks are carried out daily in Estonia.
According to the Estonian Information System Authority (RIA), out of the 163 attacks that occurred on March 5, 160 were directed at a single telecommunications company and could be considered as one incident. RIA assesses that there is no cause for concern, as there was no impact on the functioning of services and information systems in this case.
The last serious cyberattack that reached the media occurred on Friday when AS Hansab, a company providing security solutions and servicing ATMs among other things, was attacked and had to disconnect from the external network. According to CEO Kristo Timberg they weathered the attack relatively well. "Networks and services were gradually restored, services continued, although some things had to be done differently and manually," said Timberg.
Timberg mentioned that there have been technical and other incidents in the company's history before, but nothing comparable to what happened on Friday. "The way it happened today is a first for us too. But fortunately, we have recovery plans ready. We have tested our systems and are ready to launch alternative solutions and act according to our procedures," Timberg stated.
RIA: Pro-Kremlin hackers largely behind attacks
"Denial of service attacks happen all the time, every day. Our sector is increasingly under attack today, while it might be another sector tomorrow. And as for the information and communication sector, they are quite accustomed to and prepared for attacks," said Hendre.
In its summary of the previous year, RIA noted that compared to 2022, DDoS attacks became more targeted and better prepared. "More attention is paid to who to target and in what technical manner to carry out attacks. Attackers have also realized that many services and sites have already implemented certain protective measures. They are trying to bypass these," Hendre stated.
According to RIA, many of the DDoS attacks in recent years have been driven by ideology-based hacktivists. Mostly, these are Kremlin-friendly hackers who try to punish countries supporting Ukraine with DDoS attacks.
RIA predicts that politically motivated DDoS attacks will continue this year as well. Additionally, internet-connected home devices, such as robotic vacuums and security cameras, allow attackers to increase the intensity of DDoS attacks.
"A whole bunch of devices are taken over by criminals, so to say, and made to attack some service or website. This is called the creation of a botnet. It's a worldwide trend that IoT devices are used in cyberattacks," Hendre said.
In 2023, RIA registered 484 significant DDoS attacks, which is 60 percent more than in 2022. Of these, there were 139 impactful attacks where a website or other service was down or operated slower than usual.
--
Follow ERR News on Facebook and Twitter and never miss an update!
Editor: Marcus Turovski