The Spokesman-Review Newspaper
The Spokesman-Review Newspaper The Spokesman-Review
Spokane, Washington  Est. May 19, 1883
Current Temperature
46°F
Current Conditions
Mist
View complete weather report

Color Scheme

Subscribe now

Estonia hit hard by cyber attacks

Peter Finn Washington Post

TALLINN, Estonia – This small Baltic country, one of the most wired societies in Europe, has been subject in recent weeks to massive and coordinated cyber attacks on Web sites of the government, banks, telecommunications companies, Internet service providers and news organizations, according to Estonian and foreign officials here.

Computer security specialists here call it an unprecedented assault on the public and private electronic infrastructure of a state. They say it is originating in Russia, which is angry over Estonia’s recent relocation of a Soviet war memorial. Russian officials deny any government involvement.

The NATO alliance and the European Union have rushed information technology specialists to Estonia to observe and assist during the attacks, which have disrupted government e-mail and led financial institutions to shut down online banking.

As societies become increasingly dependent on computer networks that cross national borders, security experts worry that in wartime, enemies will attempt to cripple those networks with electronic attacks. The Department of Homeland Security has warned that U.S. networks should be secured against al-Qaida hackers. Estonia’s experience provides a rare chance to observe how such assaults proceed.

“These attacks were massive, well targeted and well organized,” said Jaak Aaviksoo, Estonia’s minister of defense, in an interview. They can’t be viewed, he said, “as the spontaneous response of public discontent worldwide with the actions of the Estonian authorities” concerning the memorial. “Rather, we have to speak of organized attacks on basic modern infrastructures.”

The Estonian government stops short of accusing the Russian government of orchestrating the assaults, but alleges that authorities in Moscow have shown no interest in helping to end them or investigating evidence that Russian state employees have taken part. One Estonian citizen has been arrested, and officials here say they also have identified Russians involved in the attacks.

Estonian officials said they traced some attackers to Internet protocol addresses that belong to the Russian presidential administration and other state agencies in Russia.

“There are strong indications of Russian state involvement,” said Silver Meikar, a member of Parliament in the governing coalition who follows information technology issues in the country. “I can say that based on a wide range of conversations with people in the security agencies.”

Russian officials deny that claim. In a recent interview, Kremlin spokesman Dmitri Peskov called it “out of the question.” Reached Friday at a Russia-EU summit, he reiterated the denial, saying there was nothing to add.

Estonia has a large number of potential targets. The economic success of the tiny former Soviet republic is built largely on its status as an “e-society,” with paperless government and electronic voting. Many common transactions, including the signing of legal documents, can be done via the Internet with digital signatures.

The attacks began on April 27, a Friday, within hours of the war memorial’s relocation. On Russian-language Internet forums, Estonian officials say, instructions were posted on how to disable government Web sites by overwhelming them with traffic, a tactic known as a denial of service attack.

The Web sites of the Estonian president, the prime minister, Parliament and government ministries were quickly swamped with traffic, shutting them down. Hackers defaced other sites, putting, for instance, a Hitler mustache on the picture of Prime Minister Andrus Ansip on his political party’s Web site.

The Estonian government began blocking Internet traffic from Russia on April 30 by filtering out all Web addresses that ended in .ru.

By April 30, security experts noticed increasing sophistication. Government Web sites and new targets, including media Web sites, came under attack from electronic cudgels known as botnets. Bots are computers that can be remotely commanded to participate in an attack.

By May 1, Estonian Internet service providers had come under sustained attack.

On May 9, the day Russia celebrates victory in World War II, a new wave of attacks began at midnight Moscow time.

“It was the Big Bang,” said Hillar Aarelaid, a lead specialist at Estonia’s Computer Emergency Response Team. By his account, 4 million packets of data per second, every second for 24 hours, bombarded a host of targets that day.

By May 10, bots were probing for weaknesses in Estonian banks.