Being the Best at Securing Your Network is Not Enough: The Case of Estonia

Being the Best at Securing Your Network is Not Enough: The Case of Estonia

When it comes to digitalization and cybersecurity, there is one country in this world that is several steps ahead of all others: Estonia. At the collapse of the USSR, Estonia was 50 years behind the developed world in terms of technology. By that time, already 20% of Americans were using computers, whereas not a single one could be found in Estonia. Everything was to be rebuilt and they had to take drastic actions in order to catch up with their western neighbors. The country’s leaders took a bet on a very new and promising technology: the Internet. Indeed, the country did not have enough workers to rebuild itself the traditional way. Today, 95% of the Estonian population has a digital ID equipped with a chip allowing them to proceed with numerous daily activities on the Internet. It allows them to vote, pay their taxes, access their medical records, and even pay their bills to private telecom and energy companies. Estonia was the first country in the world to recognize the Internet as a social right and 98% of the population has access to high-speed broadband.

Mecca for Entrepreneurs

Estonia is also a very appealing country for startups all around the globe, and anybody can obtain Estonian citizenship for their company in a few minutes, online, from anywhere in the world. According to many entrepreneurs, the high level of technology in this country makes everything easier, more accessible, and safer. Indeed, Anna Piperal, the managing director of Estonia’s e-showroom claims all of their information sharing systems are secured using blockchain technology. But when it comes to digitalization, the cyber security topic is never too far, and the risks of seeing one’s data leaking and ending up out of their control perimeter are always high. Although the Estonian system is fluid and theoretically secured, the country experienced one of the most massive cyber attacks known until today.

Estonia Servers Under Attack

On the 27th of April 2007, many Estonian websites went under a series of attacks. The country’s servers monitored a high peak of connections coming from servers located all around the globe at the same time. The number of connection attempts was so high that the Estonian servers couldn’t handle them and went down. These kinds of attacks that aim at taking down services by requesting them so much that they can’t process that much activity are called Distributed Denial of Service (DDoS) attacks. This DDoS attack was notable for its strength and for the fact that it was aiming at a whole country and not a private entity.

Map representing the locations of the servers that attacked Estonian websites.

The attack took down Estonian banks’ websites as well as email and newspaper servers, but also government websites, including the official portal that’s used to allow Estonians to access their administrative, health, and financial information online. The whole country was thus paralyzed for three weeks. Although the origin of the attack remains unclear until today, we can focus on the results of this attack and the solutions that were found in order to prevent a similar event in the future.

The Response

Following the disastrous consequences for the economy of the country and the impact on the lives of its inhabitants, Estonia decided to create what they call “digital embassies”—backups of all of their digital assets that are stored in other countries. The first one was established in Luxembourg in June 2017, but the aim here is to create a bigger network of servers hosting the country’s assets. Thus, the government and the population would still be able to access their data if there was another attack. It is interesting to note that this attack and the Estonian government’s reaction actually strengthened public confidence in this digitalized system. However, by entrusting servers located in another country with their precious assets, Estonians placed them outside of their own network and therefore on a perimeter they do not entirely control, thus facing the risk of potential leaks that they would not be aware of. A recent cyber security incident in Panama, in which 85% of the population had their data exposed by a database left open due to a misconfiguration, highlights the risk linked with hosting a high number of assets on a single connected server. As exposures like this are becoming more common, if not inevitable, the question for governments and private institutions alike is not if a data breach will happen, but where and when. Sufficient data breach monitoring technologies must be exhaustive, accounting for all exposed perimeters. To learn more about how CybelAngel’s data leak detection platform monitors data breaches for institutions across the globe, request a demo today.