"I have decided that starting on August 31 of this year — the anniversary of the withdrawal of Russian troops from Estonia — emails sent from Russian servers, i.e., from addresses ending in .ru, will no longer reach public-sector institutions without additional security checks," Pakosta said in a public speech delivered Sunday.

"The reason is the increase since 2022 in emails containing real cyber threats arriving through these addresses. Email addresses ending in .ru pose an elevated cyber risk. There is a serious danger that they are being used to break into personal databases," the minister added.

"We are giving early notice that emails from .ru addresses will no longer go directly into Estonian public servants' inboxes but will instead be subject to additional checks. In practice, this means they will go into quarantine, and each official will be able to open them from quarantine in accordance with their institution's rules," Pakosta explained to ERR on Monday.

When an email from a Russian server is placed in so-called quarantine, the recipient will receive a notification and must then open it using security precautions and decide how to handle it, Pakosta said.

According to her, a quarantine mechanism already exists in government institutions, and emails deemed suspicious based on other criteria are already routed there. Now, emails originating from Russian servers will simply be added to those criteria.

"Quarantine is already in use. The entire public sector, the whole state sector, operates behind a cyber shield," she emphasized.

It will certainly mean that responding to such emails takes longer than responding to messages sent from more secure servers, she added.

Pakosta said that local governments must decide for themselves whether to follow the state's example.

"We therefore recommend that anyone who uses a .ru email address to communicate with Estonian authorities — or for correspondence in general — switch as soon as possible to another email address not controlled by Russian authorities," Pakosta urged.

"Since we see that .ru emails are increasingly being used in various cyberattacks, this additional security measure is necessary and should not come as a surprise," she added. "The Estonian Information System Authority (RIA) already issued several warnings in 2022, immediately after the start of Russia's full-scale war, that emails coming from Russian servers are very often used as phishing emails to spread malware," the minister explained.

In her Sunday speech, delivered at a remembrance ceremony at the Maarjamäe Memorial to the Victims of Communism in Tallinn, the minister also referred to broader Russian influence activities, including the use of disinformation and AI-generated content to portray history in a way favorable to the Kremlin, to support its foreign and security policy objectives through cyber espionage and attacks, various information operations, as well as fraud and phishing campaigns. These undermine public trust, causing not only financial damage but also eroding people's sense of security and confidence in systems, thereby weakening social cohesion.

"Because when people no longer trust, there is no longer any need to attack from outside the borders. Society begins to slowly erode from within. The impact of this kind of seemingly silent attack is very real and truly dangerous," she warned.

--

Follow ERR News on Facebook and X and never miss an update!