Financial Crime World

Estonia’s Cybersecurity Battle: 2022 Sees Rise in Financial Fraud and Ransomware Attacks, But Authorities Promise to Stay Ahead of the Game

Unprecedented Cyber Vulnerabilities Mark 2021

In a year marked by unprecedented cyber vulnerabilities, Estonia’s cybersecurity landscape has witnessed a significant surge in financial fraud and ransomware attacks. The country’s government office responsible for coordinating IT infrastructure development and ensuring national cybersecurity, the Information System Authority (RIA), reports a 20% increase in reported financial fraud cases in 2021, resulting in losses of €2.8 million.

Types of Financial Fraud

The most common types of financial fraud identified by RIA include:

  • Cryptocurrency scams
  • Invoice fraud
  • Investment fraud through dating apps
  • Phishing and phone call scams

While authorities were able to intercept two major invoice frauds involving millions of euros, the rise of cryptocurrency as a popular fraud medium has prompted the government to introduce new regulations expected to be approved in spring 2022.

Ransomware Attacks on the Rise

Ransomware attacks also made headlines in Estonia last year, with 30 reported incidents compared to 33 in 2020. While this may seem like a relatively low figure, the impact of these attacks can be devastating, as seen in global ransomware cases such as the attack on US energy company Colonial Pipeline.

Combatting Cybercrime

To combat the growing threat of cybercrime, RIA has announced plans to establish a program rewarding white-hat hackers for discovering and reporting potential vulnerabilities. This approach is already being used by several countries, including the United States, and aims to stay ahead of malicious actors.

In addition to these initiatives, RIA urges individuals and businesses to take proactive measures to prevent ransomware attacks, including:

  • Using the latest software versions
  • Making regular backups
  • Restricting system user rights
  • Training employees on cyber threats

Staying Ahead of Cyber Threats

Estonia’s cybersecurity landscape has been praised for its relatively low rate of ransomware attacks compared to other countries. The country’s small size, language environment, and steady improvement in cyber hygiene are cited as contributing factors to this success.

However, RIA warns that the threat is far from over, with more critical vulnerabilities expected to be revealed in 2022 following the Log4j zero-day vulnerability.

Commitment to Cybersecurity

As Estonia continues to evolve its cybersecurity capabilities, authorities promise to remain vigilant and prepared for potential incidents caused by legacy systems. The country’s commitment to staying ahead of cyber threats has been demonstrated through its successful implementation of nationwide internet voting, with 46.9% of votes cast online during the 2021 local elections.

Looking Ahead

With phishing expected to remain a dominant threat in 2022 and ransomware continuing to rage globally, Estonia’s cybersecurity authorities are poised to respond swiftly and effectively to any emerging threats. The full Cyber Security in Estonia 2022 report is available for download on the RIA website.