Financial Crime World

Cybersecurity and Financial Crime on the Rise in Estonia

A Year of Unprecedented Breaches

Last year was marked by unprecedented cybersecurity breaches, with cybercriminals exploiting vulnerabilities to wreak havoc. However, from crisis comes opportunity for growth, says Gert Auväärt, Director of the Cyber Security Branch at the Information System Authority (RIA).

The RIA’s Role in Estonia’s IT Infrastructure

The RIA is responsible for coordinating the development and implementation of Estonia’s IT infrastructure, ensuring interoperability across public and private sectors, and managing the country’s cybersecurity realm.

Latest Yearbook Highlights

According to the latest yearbook published by the RIA, titled “Cyber Security in Estonia 2022”, last year was marked by a significant increase in cyber vulnerabilities. In addition to global incidents like the Log4j zero-day vulnerability, Estonia itself faced several major security breaches.

Notable Incidents

One notable incident involved a security vulnerability that allowed an attacker to illegally download nearly 300,000 document photos from Estonia’s identity documents database. The breach was quickly detected and patched, with the criminal caught within days and the downloaded data confiscated.

RIA’s Automated Security Vulnerability Notifications

RIA received a total of 73,826 automated security vulnerability notifications in 2021, up from 55,635 the previous year. Denial-of-service attacks remained the most prevalent type of cybercrime, followed by phishing attempts.

Ransomware Attacks Continue to Plague Estonia

Ransomware attacks also continued to plague Estonia, with 30 incidents reported last year, down from 30 in 2020 but still a cause for concern. The global ransomware epidemic shows no signs of slowing down, with major companies like Colonial Pipeline and JBS falling victim to these devastating attacks.

Staying Protected Against Ransomware

To stay protected against ransomware attacks, the RIA advises using the latest software version, making regular backups, restricting system user rights, and training employees on cyber threats.

Lessons Learned from Ransomware Attacks

In the event of a ransomware attack, the RIA warns against paying the criminals, as this only motivates them to continue their criminal activities. Instead, victims should report the incident to [email protected].

Estonia’s Cybersecurity Landscape in 2022

Estonia’s cybersecurity landscape is expected to remain challenging in 2022, with more critical vulnerabilities likely to be revealed and ongoing tussles with cybercriminals who fail to patch vulnerabilities swiftly.

A Global Leader in Cybersecurity

However, Estonia remains a global leader in cybersecurity, thanks to its size, language environment, and steady improvement in cyber hygiene. The country’s nationwide internet voting system is another unique feature, with 46.9% of votes cast electronically during last year’s local elections.

Looking Ahead to the Future

As the RIA looks to the future, it is preparing for possible incidents caused by Estonia’s legacy systems and continuing to improve its response speed and capacity. With cybersecurity threats evolving rapidly, it is more important than ever for individuals and businesses to stay vigilant and take proactive steps to protect themselves against these emerging risks.

Proactive Steps Against Emerging Risks

  • Stay informed about the latest cyber threats and vulnerabilities
  • Keep software up-to-date with the latest security patches
  • Back up critical data regularly
  • Restrict system user rights and monitor user activity
  • Train employees on cyber threats and best practices