Analytics, Baltic States – CIS, Estonia, Internet, Security, Technology

International Internet Magazine. Baltic States news & analytics Tuesday, 02.06.2020, 14:54

Report: Estonia has been targeted by cyber spies of all Russian special services

BC, Tallinn, 12.03.2019.Print version
Over the years, Estonia has in some way or another been targeted by the cyber spies of all Russian special services, it appears from a report made available by the Estonian Foreign Intelligence Service, citing LETA/BNS.

The special services' cyber attacks in connection with the Skripal poisoning, the capture of Russian military intelligence (GRU) officers as they were preparing a cyber attack on the Organisation for the Prohibition of Chemical Weapons, data breaches by APT28, a GRU cyber espionage group, during the South Korean Winter Olympics, and Brexit-related phishing e-mails clearly showed that, despite public attention, accusations and sanctions, the Russian special services remain consistently active in cyber espionage, the Foreign Intelligence Service's report published on Tuesday reads.

In 2018, the GRU's cyber espionage groups APT28 and Sandworm continued to be the most active players within the Russian special services. SNAKE APT, a group tied to the Federal Security Service (FSB), sticks to a different, more familiar line, avoiding excessive public attention and trying to operate below the radar. SNAKE APT uses more sophisticated and expensive tools and attacks targets of long-term value. At the end of 2018, it was revealed that the APT29 group associated with the Russian Foreign Intelligence Service (SVR), which for some time remained invisible at the global level, has in fact not withdrawn from phishing campaigns either, the report reads.

All this clearly shows that Russia's state-backed cyber espionage is in full swing, the Estonian Foreign Intelligence Service noted.

Over the years, Estonia has in some way or another been targeted by the cyber spies of all the above-mentioned special services. The attackers are interested in Estonia both in its own right and as a member of the European Union and NATO, the agency said.

The cyber espionage operations against Estonia are aimed at gaining access to information concerning international communication as well as to the working documents, names and e-mail addresses of national and international institutions. Russian cyber espionage targets Estonian ministries (particularly the Ministry of Foreign Affairs and the Ministry of Defense), the defense forces and the the Kaitseliit (Defense League) volunteer corps, as well as the units of NATO allies based in Estonia, the report said.

Phishing e-mails remain the most widely used form of attack, the FIS noted.

Search site