Cyber Attack Immobilizing the Estonian Government, the Critical Infrastructures and the Society’s Functioning

This case study will explore the risks of cyber attacks that can be implemented during hazardous events. In addition the case study will explore the impacts of such potential attacks.

Cyber Attack Immobilizing the Estonian Government, the Critical Infrastructures and the Society’s Functioning

Type of disaster addressed: High-risk of cyber-attack could also be enacted during natural hazards (weather extremes, fires, floods) for disguise
Type of danger addressed: Stoppage of life line supply (health cares, education, electricity, water and heating), disruption of government and industrial/economic activities, social trauma (fear of chaos), and functional disarray

Special vulnerable groups: Families with children, lonely elderly, physically and/or cognitively impaired people, and other groups terrified by disinformation or institutional shutdown

Other groups / communities: Residents in neighbouring countries, visitors and the entire EU community

Tools or technologies used: Technology countering web-based broadcasting of disinformation, malwares in government and business operations system, false applications/posting sowing discord, and crisis creation. Usage of mobile positioning data and algorithms forecasting population’ locations, mobility patterns and demand for aid and relief, and trajectories for emergency proliferation
Method of analysis: Scenarios, research and policy workshops, simulated responses (apps and modelling), first respondent exercises, mobile positioning data for upgrades of rescue/evacuation procedures
Real-life condition: Global Risk Report (2016) where 750 security and defence experts from around the world emphasized that high-risk of cyber terrorism against Estonia in near future will impose damaging consequences on its population and economy

Beneficiaries: The entire European Union community

Innovation outcomes: Practical innovation derived from application of technology for improved risk assessment and more effective harm prevention. Monetary savings due to more precise resource planning, staffing, and operational efficiency. Demo of GDPR compliance under high-risk circumstances for the EU-wide proliferation.