The website and online channels of state electricity generator Eesti Energia and some of its related companies are offline following a large-scale denial of service attack thought to have been conducted by pro-Kremlin hackers.
The attack has affected Eesti Energia’s site and mobile app, and also grid maintenance firm Elektrilevi’s website, and its MARU mobile app, ERR reports, while one government ministry, the central bank and several other key state sites have also been hit by attacks, though with less success.
The incidents coincided with similar and simultaneous attacks on key sites in Latvia, Poland and Ukraine.
Ilmar Käär Eesti Energia’s head of business and IT, stressed that customer data and the group’s IT systems are both fully protected.
“The obstructing attack was successfully repelled, and the problem will be solved in cooperation with partners. Customer channels will be restored to functionality as soon as possible. We apologize for any inconvenience,” Käär told ERR.
In the meantime and in the event of a power failure, Elektrilevi’s helpline can be called on 1343.
RIA: Cyber attacks likely work of pro-Kremlin cyber criminals
Tõnu Tammer, head of CERT-EE, the cyber security arm of the State Information System Authority (RIA) told ERR Saturday that while it is never possible to say with total certainty who is behind a cyber attack, information so far available points to pro-Kremlin hackers.
The attacks have also hit some other countries in the region, and Ukraine also.
Tammer said: “As far as we know, companies and institutions in Latvia, Poland and Ukraine were also attacked at the same time. This list may not be final,” said Tammer.
At a little before 10.15 a.m. Saturday morning, Tammer said, RIA discovered that the online services of five Estonian companies had started malfunctioning, including those of Eesti Energia.
He said: “Due to these attacks, in addition to the Eesti Energia’s site, websites relating to it including those of Elektrilevi and [Eesti Energia subsidiary] Enefit Green.”
Meanwhile attacks thought to have been conducted by the same group hit the Ministry of Economic Affairs and Communications, the Bank of Estonia (Eesti Pank) and Enterprise Estonia/EAS, though with less impact, since these organizations are full clients of the RIA state network, meaning the worst aspects of the attacks were repelled.
An unnamed private sector firm was also hit in the same wave of attacks.
Tammer added that while the economic affairs ministry, central bank and EAS sites remain intact, some services may be down, and RIA is monitoring the situation.
“The current attacks are large, but not as wide-ranging and substantial as those that hit Estonia last spring and summer. Regardless, the impact of an attack can be very broad, depending on the target,” he went on.
Major Distributed Denial of Service (DDoS) attacks in April hit around a dozen key state-related sites, while in July, the official site of the Office of the President of the Republic of Estonia was hit. In August, it was the turn of private media firm the Ekspress Group to suffer hacks and see its sites go offline.
Editor’s note: This article was updated to include quotes from RIA and details on attacks on other institutions, as well as Eesti Energia.
Follow ERR News on Facebook and Twitter and never miss an update!
Editor: Andrew Whyte, Aleksander Krjukov
ERR News is the English-language service of Estonian Public Broadcasting, run by a fully independent editorial team.
To read up on ERR News’ comments rules and to contact ERR’s other services, please follow the link below.
Staff, contacts & comments
ERRi arhiivist leiab vanemaid tele- ja raadiosaateid, filme, fotosid, reportaaže, intervjuusid ja palju muud põnevat.