DDoS attacks on Estonian web sites using one million hijacked computers

Since the end of April, serious waves of DDoS attacks on Estonian web sites including company, media and government sites, have been conducted, causing a disruption of some of these sites. In early May, the Estonian government accused Russia and even the Kremlin of being the initiator of these assaults, calling them actions of cyberterrorism and requesting the EU and the NATO to develop a strategy against such attacks. Mikhel Tammet, chairman of Estonia's cyber-defence co-ordination committee, explained: "The act of terrorism is not to steal from a state, or even to conquer it. It is, as the word suggests, to sow terror itself. If a highly IT country cannot carry out its every day activities, like banking, it sows terror among the people. The EU and Nato have to work out its doctrines and position on these kinds of attacks and how to deal with them."

The Russian government has denied any connection with these attacks. Now, the Estonian government - maybe due to the pressure from other EU governments and the problems between the EU and Russia - seems to have retracted their accusation that the Russian government is involved. Estonian Defense Minister Jaak Aaviksoo explained that, while the first wave of attacks end of April could be traced back to Russia, there is no evidence that the Kremlin is also involved.

According to reports in the media, more than one million computers were used for these attacks, causing damage to the tune of dozens of millions of Euros. It seems that the attacks came from computers from Russia, Canada, Vietnam, Brazil, the US and other countries. Hillar Aarelaid from the CERT Estonia said that most of the attacked web sites are functioning normally again. This is probably the longest and hardest DDoS attack ever conducted against a specific country.

(mba)