Estonia faced its most extensive cyberattacks since 2007 on Wednesday, August 17, following the removal of a Soviet tank monument from the eastern border city of Narva, the government’s Chief information officer said on Thursday, reports Estonian Public Broadcasting ERR.
CIO and Undersecretary for Digital Transformation Luukas Ilves commented on social media that on August 17 Estonia was subject to the most extensive cyberattacks it has faced since 2007. Attempted DDoS (Distributed Denial-of-Service Attack) attacks targeted both public institutions and the private sector.
«The attacks were ineffective. E-Estonia is up and running. Services were not disrupted. With some brief and minor exceptions, websites remained fully available throughout the day. The attack has gone largely unnoticed in Estonia.»
Ilves praised teams at the state’s online service portal e–Estonia, the Estonian Information System Authority (RIA) and others who had helped fight the attacks.
RIA’s incident handling department CERT-EE said it had identified 24 websites and services infected with malware over the last 24 hours through which the attackers tried to target and infect internet users in Estonia.
During additional monitoring, malware was detected on 137 devices and internet service providers were informed about them, informs ERR.
«Last night there were 12 DDoS attacks made against various state institutions or their websites. There were also four DDoS attacks directed at private sector organizations, but behind these you can also see the wish to attack one or another state service. Eight DDoS attacks targeted a specific website. In nine attacks, no impact was detected, and in seven attacks, interruptions to services may have occurred for several minutes,» RIA said.
Additionally, eight phishing attempts were also made to collect people’s email and bank account information.
Hacker group claims responsibility
The Digigenius news portal wrote on Wednesday, August 17, that a pro–Kremlin hacking group has targeted almost all of state institutions and DDoS attacks had been made on SK ID Solutions, which is used to authenticate Estonia’s ID card online.
Kalev Pihl, head of SK, told Digigenius the attack has resulted in short–term service interruptions.
Killnet has taken responsibility for the attacks. The group also targeted Estonia during the Locked Shields cyber exercise earlier this year.
Last week Killnet attacked the Latvian government’s website after the Saeima accused Russia of funding terrorism.
Bronze Soldier cyber attacks
In 2007, Estonia was subjected to cyberattacks after it moved a World War Two Soviet statue, known as the Bronze Soldier, from central Tallinn to a graveyard on its outskirts.
Estonia pinned the blame on Russia, making it the first use of wide–ranging cyber–attacks against a state. Local media outlets and the Estonian government’s online briefing room were among the first targets. The cyberattacks lasted with varying intensity for 22 days.
T-34 tank removal
On Wednesday, after several weeks of deliberation, the Estonian government removed the Soviet–era T–34 tank from a plinth just outside Narva.
The monument, erected in 1970, commemorated the «liberation» of the city from the Nazis during World War Two. The following battle destroyed more than 90 percent of buildings in Narva.