The Baltic Times

Cybercriminals are increasingly attacking digital services

  • 2026-04-16
  • NEWS/TBT Staff

TALLINN – Cybercriminals are focusing on high-impact attack types that damage the reputation of institutions and make life as difficult as possible for ordinary people accustomed to digital services, according to a report from Estonia's largest IT and telecommunications company, Telia.

In the first quarter of 2026, Turvanet, which secures the internet traffic of Telia's business clients, registered a total of 236 million threat events, about 12 percent less than in the last quarter of last year. However, this does not mean that cybercrime is declining; on the contrary, the attack strategy has changed. "Whereas before, a large number of simple and often random attempts dominated, the focus has now shifted to attacks that are better timed, more targeted, larger-scale, and have a greater impact," said Matis Palm, a cybersecurity solutions architect at Telia.

A special emphasis has been placed on denial-of-service (DDoS) attacks, the total number of which has increased by nearly 24 percent compared to the last quarter of the previous year. In numbers, this means an increase from 276 to 434 incidents. "Large-scale DDoS attacks can paralyze critical services even in a short time and directly affect companies' business operations and reputation," Palm explains.

This means that companies' digital services become inaccessible to customers. For example, booking systems may fail, purchases cannot be completed, or other routine activities cannot be performed on an institution's or company's web environment. Therefore, he recommends that companies dependent on web services implement web application firewall protection or specialized DDoS protection. These solutions help prevent attacks and ensure the reliability of a company's digital services.

According to Palm, the evolution of attack tools is also indicated by the fact that many classic automated attack types are decreasing. For example, 70 percent fewer files containing viruses were detected compared to the previous period. Numerically, this means that business clients were attacked with viruses 21,500 times in the last quarter of last year, compared to 6,500 times in the first quarter of this year.

Turvanet registered 40 percent fewer attacks from botnets—zombie armies of infected devices—with 2.9 million attacks instead of 4.8 million. The security filter blocked phishing and malware attacks attempting to exploit people's lack of security awareness 50 million times, which is seven percent less than in the last quarter of last year.

"At first glance, this may seem like a positive development, but in reality, it points to attacks becoming more sophisticated. Automated tools, often based on artificial intelligence, help attackers avoid easily detectable 'noise attacks' and operate more stealthily," explains Palm.

By sector, the most attacked companies were in real estate, public administration and national defense, wholesale and retail trade, and the accommodation and food service sectors.

"These are sectors where the availability of services and the reliability of digital systems are directly linked to business operations—for example, websites, e-shops, ordering and booking platforms—or to critical societal functions. This is precisely why they are of greater interest and, so to speak, more 'profitable' for attackers," says Palm. He advises all companies, regardless of their field of activity, to consider how to secure their databases, increase employee cyber awareness, and find the weak spots that make them easy prey for cybercriminals.

The criminals were most active in January and February, when around 90 million threat events were blocked each month. In March, security vulnerabilities were exploited or sought 56 million times.

Turvanet is an office internet service for Telia's business clients that filters internet traffic, blocking dangerous websites, malicious activities, and DDoS attacks before they can reach a user's device and subsequently lead to the misuse of company data. While on the Turvanet network, the security filter protects all internet traffic in the office.

 

Please enter your username and password.

 Forgot your password?
 

Subscribe!

A subscription to The Baltic Times is a cost-effective way of staying in touch with the latest Baltic news and views enabling you full access from anywhere with an Internet connection. Subscribe Now!

About The Baltic Times

The Baltic Times is an independent monthly newspaper that covers latest political, economic, business, and cultural events in Estonia, Latvia and Lithuania. Born of a merger between The Baltic Independent and The Baltic Observer in 1996, The Baltic Times continues to bring objective, comprehensive, and timely information to those with an interest in this rapidly developing area of the Baltic Sea region. Read more... Our news analysis and commentaries provide readers with insight essential to understanding the three Baltic countries and their neighbors.

Publisher: Gene Zolotarev
Editor in chief: Linas Jegelevicius

Contact Us

Editorial: editor@baltictimes.com
Subscription: subscription@baltictimes.com
Advertising: adv@baltictimes.com


SIA Baltic News Limited
Reg.#: 40003044365
Address: 1-5 Rupniecibas street, Riga, Latvia
Phone: +37167229978

Stay Connected

2026 © The Baltic Times /Cookies Policy Privacy Policy