Estonian government agencies will restrict emails from Russian domains (.ru) from reaching their mailboxes and will quarantine them for security reasons, ERR News reports.
Justice and Digital Affairs Minister Liisa Pakosta said she has decided to ban emails from Russian domains from reaching public sector institutions’ email accounts without additional security checks from the 31st of August (the anniversary of the withdrawal of Russian troops from Estonian territory). The main reason for this decision is the increased number of emails that pose a real threat to cybersecurity and are being used to gain access to databases.
Pakosta explained to ERR that the ministry is warning in advance that letters from Russian domains will no longer be delivered directly to the mailboxes of civil servants and agency employees, but will instead be subject to additional security checks. In practice, this means that they will be placed in a quarantine folder, and civil servants will be allowed to open them in accordance with the rules of their institution. When a potentially dangerous letter is placed in the quarantine folder, the employee will receive a notification about it, and then, in accordance with security conditions, they will be able to open it and decide on further action.
According to the minister, such a mechanism has already been implemented in government institutions, and letters considered suspicious according to other criteria are already quarantined, and now the origin of Russian domains will also be added to them. She added that this certainly means that the response time to emails that have come from Russian addresses will be longer.
Municipalities will be able to decide for themselves whether to follow the government’s example.
Pakosta indicated that due to the changes, he recommends that anyone who still uses .ru addresses to communicate with state institutions change their email address to one that cannot be controlled by Russian authorities as soon as possible.
The minister explained that the new security measure should not come as a surprise, as emails originating from Russian servers are increasingly being used in cyberattacks, and warnings were issued as early as 2022, immediately after Russia’s full-scale invasion of Ukraine.
Addressing the gathering on the Day of Remembrance of the Victims of Communism on the 14th of June, Pakosta also mentioned the increasingly widespread activities of Russian influence, including the spread of disinformation and the use of artificial intelligence to distort history in a favorable light for the Kremlin and to achieve its foreign policy and security policy goals through fraud and phishing, and cyberattacks. She stressed that this undermines trust in the state and public systems, and in this case the need for external attacks decreases, because society is destroying itself. The minister said that the impact of such silent attacks is very real and truly dangerous.
Read also: Lithuania hit by cyber incidents; no signs of coordinated attack