Skip to main content

Cyberattack or cyber incident

  • BE PREPARED FOR DISRUPTIONS IN VITAL SERVICES!
  • BE PREPARED FOR DISRUPTIONS IN E-SERVICES, INCLUDING THE IDCARD, MOBILE-ID, AND OTHER MEANS OF AUTHENTICATION!

How to protect yourself, your data, and IT systems (including computers and smart devices)

  • Update the software on your computer and smart devices regularly and use an antivirus.
  • Download applications only from official sources: Google Play Store, Apple App Store, Windows Store.
  • Make regular backups of your files on your computer and phone and make sure that the backups work.
  • Use a different strong password for every account and change passwords often.
  • Use two-step authentication (read more on the website of RIA)
  • Do not disclose your personal data and do not share it with strangers.
  • Be careful when sharing your private information. For example, the fact that you spend several weeks on holiday with your whole family should not become known to strangers through social networking sites – this could make your home vulnerable to malicious acts.
  • Do not open unknown letters, links, and attachments. If your acquaintance sends a link or attachment with a strange message and/or in a manner of communication that is uncharacteristic to the person, then always ask them about it.
  • Make sure that the website to which you are about to submit personal data is protected by a secure encrypted connection: https (not http) at the beginning of the address.
  • Pay attention to typos in web addresses. For example: google.com is a safe address, whereas g00gle.com is not.
  • Try to avoid shared and public devices. If this is not possible, make sure that you always log out of all the websites you visited.
  • In the event of an extensive cyberattack, follow the instructions of RIA and other agencies.
  • If you fall victim to cybercrime, report the incident to the police at cybercrime@politsei.ee and the incident resolution department (CERT-EE) of the Information System Authority at cert@cert.ee.

More detailed recommendations and instructions are available on the website of RIA.

 

Phishing e-mails

What can I do right now?

  • If you notice that an acquaintance has sent you an e-mail asking you to open an unknown attachment with a strange title, do not open it! Ask your acquaintance about the e-mail, using a different communication channel; for example, make a phone call.

How to avoid it in the future?

  • Be suspicious of e-mails that require prompt action or threaten you. Do not reply to emails that ask you to send money or enter passwords – this is usually phishing or invoice fraud.
  • Make sure that your computer or smart device has all the latest software updates. To infiltrate your device, attackers will often search your computer for applications that have not been updated.

My account has been hijacked

What can I do right now?

How to avoid it in the future?

  • Use a different password for every account. If you have many accounts, you could use a password manager (Keepass, 1Password, LastPass, etc.). Set a long and complex password for the e-mail account where all other services send password reset messages.
  • Set up multifactor authentication in as many environments as possible. This is particularly important for the e-mail account where all other services send password reset messages.
  • Use a widely-used antivirus program and use it to scan your devices for malware.

A device is infected with malware

What can I do right now?

  • If you still have access to the device, find an antivirus program and try to clean your computer.
  • If the antivirus program cannot help you, disconnect the infected device from the network (do not forget the wireless i.e. Wi-Fi network).
  • If possible, take pictures of the impact of malware or document it some other way and report the incident to the incident resolution department (CERT-EE) of the Information System Authority at cert@cert.ee to receive help and advice.
  • Avoid using the infected device even if the malware infection seems ‘not that bad’.

How to avoid it in the future?

  • Do not open unknown e-mails, links, and attachments.
  • If an acquaintance sends you an e-mail with strange content or in a manner of communication that is uncharacteristic to the person, ask them if their computer is infected with malware.
  • Make regular backups of the important data on your phone and computer and make sure that the backups work.
  • Never use pirated software. Acquire legal software, use its latest version, and install security updates.
  • Download software only from the official website of the software manufacturer.
  • Install antivirus software only from the manufacturer’s website or an official retailer.
  • Download phone applications only from official application distribution platforms (Google Play, App Store, etc.).
  • Do not plug found or unknown USB flash drives into your computer.

What to do in a crisis

Every state does whatever it can to prevent or respond to crisis situations. Still, help will not always reach all people quickly enough because some crises can affect a large part of the population and last for days or even weeks.

Until help arrives and services are resumed, your welfare and that of your loved ones will largely depend on your own preparedness.

The web page “Kriis.ee” contains tips on how to get prepared for various types of crisis situations and what to do if there actually is one.

EU logo Eesti lipp
Siseministeerium ja Riigikantselei
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. More information | I understood