TALLINN - Hopes that the large-scale assault on Estonia's Internet infrastructure that began on April 27 had finally subsided were dashed on May 15 when a new cyber offensive blocked access to the online banking services of Estonia's second-largest bank, SEB Eesti Uhispank, for several hours.
Websites of government institutions have been the main targets of the attacks, which began following street riots sparked by the removal of the Bronze Soldier memorial from central Tallinn. To keep the sites running administrators were forced to cut off access to them from abroad, but after May 9 reported that the situation had returned to normal. Online access to Estonia's largest commercial bank, Hansapank, was also slowed for several hours on May 10.
Rica Semjonova, Communica-tions Manager at the Estonian Informatics Center, couldn't say how many sites had been effected, but told The Baltic Times that most government sites had become targets. She said the event marks the first time a country as a whole has been the victim of a cyber attack.
"If we look at the technical figures, it could be worse. But if you look at the situation that it's one country and for such a long time, then that is something totally new," she said.
The "denial of service" attacks, in which the target site is sent so many packages of information that it overloads, have mainly come from abroad, primarily from Russia. That, combined with evidence that some of the IP addresses involved have been traced to Kremlin computers, has prompted Estonia to raise the matter with international institutions.
"There is already clear evidence that these attacks are well-coordinated and that a significant amount of them originate from Russia," Foreign Minister Urmas Paet said in his address to the Council of Europe's Committee of Minsters in Strasbourg on May 11.
Defense Minister Jaak Aviksoo brought the issue to a meeting of EU defense ministers in Brussels on May 14. "When the navy of another country blocks a country's ports or when the air force of another country blocks a country's air space, this is in no way different from blocking access to the web pages of another country with cyber attacks. That cannot be treated as hooliganism, but has to be treated as an attack against the state," he said before the meeting. The issue has indeed raised alarm in military spheres. A May 10 article in The Economist said that NATO is paying special attention to the case.
"If a member state's communications center is attacked with a missile, you call it an act of war. So what do you call it if the same installation is disabled with a cyber-attack?" the journal quotes a senior Brussels official as asking.
The difference, as Rica Semjonova points out, is that while some of the culprits of the attacks can be traced, it's impossible to say whether the attacks are in fact a coordinated action or a grass-roots phenomenon. Instructions on how to participate in the attacks have been posted on several Russian Internet forums.
"We see that there have been a lot of small groups getting people involved, getting people interested. They are organized, but we don't know if there is one person behind it or if it is just something that people are going along with," she said.
