The Estonian Information System Authority recorded a dramatic rise in notifications of cyber incidents in 2018, according to the recently published Annual Cyber Security Assessment. The number of incidents recorded has almost doubled compared to previous years. However, fewer critical incidents were registered than the year before.
Overview of Incidents
The CERT-EE division of the Information System Authority registered 17,000 cases, which is 6,000 more than in 2017. Approximately 3,400 of the registered cyber incidents affected systems or data, and nearly a hundred incidents were considered high-priority.
The highest number of incidents – over half of all registered cases – was caused by malware that made infected devices part of botnets. Huge damage was also caused by ransomware, which affected large enterprises as well as small family health centres. Phishing campaigns hit Estonia in waves, aiming to steal users' passwords or credit card data. Security risks and errors that caused service disruptions in several systems were also detected and fixed. Companies were harmed by the increasing occurrence of financial fraud, including e-mail compromise and e-mail spoofing, which criminals used to send hundreds of fake invoices. Such instances of invoice fraud caused over half a million euros’ worth of damage. The Information System Authority receives weekly notifications of spoofed e-mail conversations and money transfers to criminals.
More Knowledgeable Users
According to Uku Särekanno, the Director of Cyber Security of the Information System Authority, the increase in incidents is caused by increased awareness and a clearer understanding of the situation.
“We receive more notifications of cyber incidents because people are generally more aware. Institutions and enterprises have also submitted significantly more information compared to previous years, because according to the Cybersecurity Act that entered into force last spring, state authorities as well as vital service providers are now obligated to notify us. We have also improved our own capabilities of detecting cyber incidents, because criminals are more active with every passing year,” Särekanno explained.
A number of basic steps were taken in 2018 that allow the Estonian digital society to remain on a stable footing. Namely, legal frameworks were tightened and tidied up both in Estonia and at the European Union level: the GDPR at the European Union level, and the Cyber Security Act and the Personal Data Protection Act in Estonia.
The new Cyber Security Strategy for 2019-2022 will focus on developing a new information security standard, establishing a national cyber security centre and systematic prevention efforts. Above all, however, there is a need to understand that security is not only in the hands of IT specialists, but is also something for governments, business leaders and, of course, end users to consider.