Jete Luik, chief of the Central Criminal Police's cybercrime bureau, said denial-of-service attacks are essentially made-to-order services, meaning the person planning the attack does not need extensive IT knowledge.

"Cybercrime is service-based and an attack can be purchased. This is how denial-of-service attack providers operate — their websites allow users to choose the attack package that suits them. The purpose of these attacks is to overwhelm the services of a specific institution or company in order to disrupt their operations and all the people who want to use the service. Common targets include banks, hospitals and government agencies," Luik said.

According to State Prosecutor Vahur Verte, cybercriminals have made carrying out DDoS attacks extremely simple.

"Too often, young people mistakenly see it as a harmless way to play a prank on friends or temporarily disable a service. A DDoS attack is not an innocent prank, but interference with the operation of computer systems and services that can cause financial damage and disrupt services for thousands of users. Such an attack is a crime regardless of whether the target is a hospital network, a large company or another player in a gaming environment," Verte said.

At the beginning of April, law enforcement agencies in 21 countries carried out an operation to take down websites offering attack packages. Worldwide, police shut down 53 providers.

"Those websites now display a message saying that law enforcement agencies have taken them down," Luik explained.

No such providers were shut down in Estonia during the operation, but attacks have been ordered from Estonia and directed at Estonia. The data collected by police concerns attacks and attack orders carried out since 2014. In Estonia, targets included gaming environments, school websites and the eKool and Stuudium electronic school information and management portals.

According to the head of the cybercrime bureau, ordinary internet users were behind the attacks.

"We identified nearly 1,600 Estonia-related user accounts that had registered on the attack-ordering websites. Based on the information we currently have, for some of them it went no further than registration, while others went on to order an attack," Luik said.

Estonian police will contact all 1,600 users by email, sending messages to the same addresses they used to register with the attack providers.

"It is a warning email intended to guide people toward lawful behavior. In these cases, we are mostly talking about young internet users acting out of curiosity rather than malicious intent. Young people expect anonymity there and do not think about the consequences that can result from a few mouse clicks," Luik said.

The Central Criminal Police will file criminal suspicions against 13 people.

"These are people for whom we collected evidence of possible attack orders and identified who was behind the username. This week, they received summonses to appear for questioning as suspects. Since we identified possible elements of a crime, we have to open criminal proceedings, but our main goal in those proceedings is to encourage lawful behavior in the future. An interest in IT is a good thing, but it is important that people use it lawfully," the cybercrime bureau chief said.

"Digital skills are valuable, but as with all other skills, people must understand what the appropriate and permitted ways of using them are. We are giving the young suspects an opportunity to work with experts and gain the knowledge needed to channel their interest in cybersecurity legally and with respect for the rights of others. This is a warning and an opportunity for the suspects to prove they can follow the law. If they learn from this and do not commit cybercrimes in the future, they will not face criminal punishment for these actions," Verte said.

PowerOFF is an international police cooperation initiative aimed at preventing denial-of-service attacks and police around the world have been working together in this format since 2018. Estonia has been involved in the project from the beginning. This year, 20 countries took part in the international operation.

--

Follow ERR News on Facebook and X and never miss an update!