[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"doc-detail-39636-en":3,"doc-seo-39636-105":30,"detail-sidebar-cat-0-en-105":91},{"code":4,"msg":5,"data":6},0,"success",{"doc_id":7,"user_id":8,"nickname":9,"user_avatar":10,"doc_module":4,"category_id":11,"category_name":12,"doc_title":13,"doc_description":14,"doc_content":15,"file_id":16,"file_url":17,"file_type":18,"file_size":19,"view_count":20,"is_deleted":4,"is_public":21,"is_downloadable":21,"audit_status":21,"page_count":22,"language":23,"language_code":24,"site_id":25,"html_lang":24,"table_of_contents":26,"faqs":27,"seo_title":13,"seo_description":14,"update_tm":28,"read_time":29},39636,1649267921044,"Ava Thompson","https://us-avatar.wpscdn.com/avatar/1800007509477c92dfb?_k=1782875107921204101",8,"Research & Report","Cyber Security in Estonia 2024","Cyber Security in Estonia 2024 reviews the evolving threat landscape and incident patterns across 2023. It highlights increasing pressure from more targeted, sophisticated cyberattacks, with prominent coverage of DDoS activity shaped by geopolitical tensions, including the Russia-Ukraine context and related regional impacts. The report also covers serious breaches such as mixed-up patient records and the Asper Biogene data leak, ransomware against major manufacturers, and more frequent zero-day vulnerabilities. It further describes defensive initiatives like RIA’s Red Team, awareness campaigns, Cybertest training, and progress in Estonia’s i-voting.","CYBER SECURITY IN ESTONIA 2024  \n2  \nCyber Security in Estonia 2024  \nContents  \nFOREWORD  \n6  \nIncreasing pressure  \nCyberattacks have become more targeted and sophisticated, meaning that the chance of success also keeps on growing, writes Gert Auväärt, Director of Cyber Security of the Estonian State Information Authority (RIA) .  \nOVERVIEW OF 2023  \n8  \n14  \n18  \n20  \nThe situation in cyberspace: a repeat of the year of the DDoS attacks  \nGeopolitical tensions again left a mark on Estonian cyberspace. During a cold snap in November, the conflict between Israel and Hamas was felton our distant shores in the form of cyberattacks that hit the Estonian district heating network. A recurring refrain last year was denial-of-service attacks, which were related to Russia’s full-scale war in Ukraine.  \nWar in Ukrainian cyberspace: what did 2023 bring?  \nAlthough traditional warfare in Ukraine garners more attention, it is accompanied by active offensive and defensive activity in cyberspace. What trends were seen in 2023?  \nMixed-up patient data  \nLast September, a patient discovered that their medical history contained someone else’s diagnosis. The patient was one of almost 600 whose medical records had become mixed up with other individuals’ data due to a software bug.  \nAsper Biogene data leak: what exactly happened?  \nIn December, the public found out that the personal and health data of about 10,000 people had been illegally downloaded from the systems of genetic testing company Asper Biogene. The attackers threatened to publish the stolen data.  \n22  \nRansomware demands hit several large manufacturing companies  \nIn the past year, CERT-EE was notified of a number of ransomware attacks that hit companies considered large by Estonian standards, with a workforce numbering in the hundreds.  \n24  \n26  \n28  \n32  \nAn attack that cost millions  \nLast year, two metal companies in Estonia’s capital region that employ around 400 workers were hit by aransomware attack. The management went public about what happened and the reasons that led to it so they could help others avoid similar threats.  \nDDoS attacks: the previous record smashed  \nIn terms of DDoS attacks, last year was a serious successor to 2022. Not only did the year bring the sheer scale of DDoS-attacks in numbers but they also became more accurately targeted.  \nLooking back on a year of fraud  \nWhile companies were fighting against denial-of-service attacks, ransomware, and data leaks last year, individuals were surrounded by fraud from every conceivable origin. Last year, criminals defrauded people in Estonia of at least 8.3 million euros.  \nMore zero-day security vulnerabilities than usual  \nSimilarly to previous years, various vulnerabilities proliferated in 2023,  \n4 CYBER SECURITY IN ESTONIA 2024  \n34  \nbut what made the year extraordinary was the number of zero-day vulnerabilities and how frequently they were discovered.  \n2023 events in  \ninternational cyberspace  \nGeopolitical tensions – above all, continued Russian aggression in Ukraine and the escalation of the conflict between Israel and Hamas – were also reflected in international cyberspace. Ordinary cybercrime also continued.  \nSAFER  \nCYBERSPACE  \n38  \n42  \n44  \n46  \nRIA’s Red Team: ‘We want to attack infrastructure’  \nIt might be surprising to hear such a comment coming from a member of the staff of the authority responsible for the country’s cyber security, but that’s precisely the goal of RIA’s Red Team: subjecting information systems to a tough test so they would be better protected against malicious attackers.  \nLet us boost cyber security awareness  \nCoping with growing cyber threats requires everyone to be aware of the threats and conduct themselves safely in cyberspace. With this in mind, we carried out two prevention campaigns last year – one for companies, the other for individuals.  \nCybertest gets off toa fast start  \nStarting in April 2023, we are offering a free educational platform in the field of ","cbCaipAPw2ObMdrx","https://ap.wps.com/l/cbCaipAPw2ObMdrx","pdf",15502466,4,1,60,"English","en",105,"# Foreword\n## Increasing pressure\n# Overview of 2023\n## The situation in cyberspace: a repeat of the year of the DDoS attacks\n## War in Ukrainian cyberspace: what did 2023 bring?\n## Mixed-up patient data\n## Asper Biogene data leak: what exactly happened?\n## Ransomware demands hit several large manufacturing companies\n## An attack that cost millions\n## DDoS attacks: the previous record smashed\n## Looking back on a year of fraud\n## More zero-day security vulnerabilities than usual\n# 2023 events in international cyberspace\n# RIA’s Red Team and awareness initiatives\n## RIA’s Red Team: ‘We want to attack infrastructure’\n## Let us boost cyber security awareness\n## Cybertest gets off to a fast start\n## The subpar cyber health of family physicians\n## 2023 was a historic year for i-voting","[{\"question\":\"How did the threat landscape change in Estonia’s cyberspace in 2023?\",\"answer\":\"Cyberattacks became more targeted and sophisticated, increasing the likelihood of successful outcomes. Geopolitical tensions also continued to shape the cyber environment.\"},{\"question\":\"What major incidents involving data privacy were reported?\",\"answer\":\"Patient medical histories were mixed due to a software bug, affecting nearly 600 people. Separately, around 10,000 people’s personal and health data were illegally downloaded in the Asper Biogene incident.\"},{\"question\":\"Which security measures and programs did RIA implement to strengthen cyber resilience?\",\"answer\":\"RIA ran prevention campaigns for companies and individuals, launched the free Cybertest educational platform, and conducted oversight supported by standards. The Red Team performed rigorous testing of information systems to improve protection.\"}]",1783085331,151,{"code":4,"msg":31,"data":32},"ok",{"site_id":25,"language":24,"slug":33,"title":13,"keywords":34,"description":14,"schema_data":35,"social_meta":86,"head_meta":88,"extra_data":90,"updated_unix":28},"cyber-security-in-estonia-2024","",{"@graph":36,"@context":85},[37,53,68],{"@type":38,"itemListElement":39},"BreadcrumbList",[40,44,48,51],{"item":41,"name":42,"@type":43,"position":21},"https://docshare.wps.com","Home","ListItem",{"item":45,"name":46,"@type":43,"position":47},"https://docshare.wps.com/document/","Document",2,{"item":49,"name":12,"@type":43,"position":50},"https://docshare.wps.com/document/research-report/",3,{"item":52,"name":13,"@type":43,"position":20},"https://docshare.wps.com/document/cyber-security-in-estonia-2024/39636/",{"url":52,"name":13,"@type":54,"author":55,"headline":13,"publisher":57,"fileFormat":60,"inLanguage":24,"description":14,"dateModified":61,"datePublished":62,"encodingFormat":60,"isAccessibleForFree":63,"interactionStatistic":64},"DigitalDocument",{"name":9,"@type":56},"Person",{"url":41,"name":58,"@type":59},"DocShare","Organization","application/pdf","2026-07-13","2026-07-03",true,{"@type":65,"interactionType":66,"userInteractionCount":20},"InteractionCounter",{"@type":67},"ViewAction",{"@type":69,"mainEntity":70},"FAQPage",[71,77,81],{"name":72,"@type":73,"acceptedAnswer":74},"How did the threat landscape change in Estonia’s cyberspace in 2023?","Question",{"text":75,"@type":76},"Cyberattacks became more targeted and sophisticated, increasing the likelihood of successful outcomes. Geopolitical tensions also continued to shape the cyber environment.","Answer",{"name":78,"@type":73,"acceptedAnswer":79},"What major incidents involving data privacy were reported?",{"text":80,"@type":76},"Patient medical histories were mixed due to a software bug, affecting nearly 600 people. Separately, around 10,000 people’s personal and health data were illegally downloaded in the Asper Biogene incident.",{"name":82,"@type":73,"acceptedAnswer":83},"Which security measures and programs did RIA implement to strengthen cyber resilience?",{"text":84,"@type":76},"RIA ran prevention campaigns for companies and individuals, launched the free Cybertest educational platform, and conducted oversight supported by standards. The Red Team performed rigorous testing of information systems to improve protection.","https://schema.org",{"og:url":52,"og:type":87,"og:title":13,"og:site_name":58,"og:description":14},"article",{"robots":89,"canonical":52},"index,follow",{"doc_id":7,"site_id":25},{"code":4,"msg":5,"data":92},[93,97,101,105,109,114,119,122,127,130,134],{"id":21,"doc_module":4,"doc_module_name":46,"category_name":94,"show_sort_weight":95,"slug":96},"Story & Novel",90,"story-novel",{"id":47,"doc_module":4,"doc_module_name":46,"category_name":98,"show_sort_weight":99,"slug":100},"Literature",80,"literature",{"id":20,"doc_module":4,"doc_module_name":46,"category_name":102,"show_sort_weight":103,"slug":104},"Exam",70,"exam",{"id":106,"doc_module":4,"doc_module_name":46,"category_name":107,"show_sort_weight":22,"slug":108},5,"Comic","comic",{"id":110,"doc_module":4,"doc_module_name":46,"category_name":111,"show_sort_weight":112,"slug":113},6,"Technology",50,"technology",{"id":115,"doc_module":4,"doc_module_name":46,"category_name":116,"show_sort_weight":117,"slug":118},7,"Healthcare",40,"healthcare",{"id":11,"doc_module":4,"doc_module_name":46,"category_name":12,"show_sort_weight":120,"slug":121},30,"research-report",{"id":123,"doc_module":4,"doc_module_name":46,"category_name":124,"show_sort_weight":125,"slug":126},9,"Religion & Spirituality",20,"religion-spirituality",{"id":125,"doc_module":4,"doc_module_name":46,"category_name":128,"show_sort_weight":125,"slug":129},"World Cup","world-cup",{"id":131,"doc_module":4,"doc_module_name":46,"category_name":132,"show_sort_weight":131,"slug":133},10,"Lifestyle","lifestyle",{"id":135,"doc_module":4,"doc_module_name":46,"category_name":136,"show_sort_weight":106,"slug":137},19,"General","general"]