| Dokumendiregister | Majandus- ja Kommunikatsiooniministeerium |
| Viit | 9-2/2806-1 |
| Registreeritud | 06.11.2024 |
| Sünkroonitud | 07.11.2024 |
| Liik | Sissetulev kiri |
| Funktsioon | 9 Digiarengu korraldamine |
| Sari | 9-2 Küberturvalisuse kavandamise ning korraldamise kirjavahetus |
| Toimik | 9-2/2024 |
| Juurdepääsupiirang | Avalik |
| Juurdepääsupiirang | |
| Adressaat | Dreamlab Technologgies AG |
| Saabumis/saatmisviis | Dreamlab Technologgies AG |
| Vastutaja | Taavi Viilukas (Majandus- ja Kommunikatsiooniministeerium, Kantsleri valdkond, Digiarengu valdkond, Riikliku küberturvalisuse osakond) |
| Originaal | Ava uues aknas |
DREAMLAB TECHNOLOGIES
Majandus- ja Kommunikatsiooniministeerium Suur-Ameerika 1 10122 Tallinn Estonia
Bern/Switzerland, October 2024
Cyber sovereignty - measure and monitor your nation’s cyberspaces
Dear Minister of Economic Affairs and Infomation Technology Tiit Riisalo
Dreamlab TechnoIogies is a Swiss cybersecurity innovation pioneer which partners with the UNs ITU (International Telecommunication Union) for its Cyber for Good initiative and the 2024 Giobal Cybersecurity Index (GCI) report - by utilising the CyObs platform.
CyObs is the Swiss made software solution (www.cyobs.com) that has the ability to scan an entire’s nation cyberspace and create a fuil repository of the public attack surface. With this, CyObs provides unparafleled visibflity on ali cyber assets’ attack surfaces and supply chain dependencies.
Key features include: O Analyse: Complete a high-precision, high-speed analysis of the nations digital infrastructure. O Identify: Provide fuil visibility of vulnerabilities and anomalies. O Protect: Reduce your nation’s public attack surface to improve the overali security. O Monitor: Stay ahead with automated alerts and notifications regarding potential threats.
We aiready sent you a copy of your country report some weeks ago. As we believe that the protection of your cyberspace is a criticai undertaking in the digital age, we herewith attach another copy for your perusal.
Please contact us for further information and a demonstration on how CyObs can help you protect your nation’s cyberspace.
With kind regards,
Nicolas Mayencourt
Founder and Giobal CEO Dreamlab Technologies AG
nickdreamIab.net
MAJANDIJS- JA K0UNIKATSI0ON1M1NISTEERIUM
06. lj. 2024 Nr.
Dreamlab Technologies AG Monbijoustrasse 36 CH-3011 Berne T + 41 31 398 66 66 F + 41 31 398 66 69 [email protected] http://dreamlab.net/
(?C’(OBS SEE T’E CY8E
Cyber Attack Surface & Risk Profile: Estonia Scientific, non-intrusive scan as of July 2024 based on allocated IPv4 addresses and identified domains
National Cyberspace Metrics Decoding Estonia’s InvisbIe Cyberspace
Geo-Dependencies of Top-Level Dom ains Hosting
Top Domciins TLDs
Netherlands
Germany
Estonia
O ee 162,270 O Others 42,284 O com 40,820 ru 25,396 O eu 23,308
fi 7,458
In this example, the majority 01 the .ee domains (dark green) are hosted (blue pie) in the country, but we see a poHjan of them hosted in Germany, Netherlands, Hong Kong and the USA.
Further information: wvw.cyobs.com © DreamlabTechnologies AG, Bern/Sw[tzerland
% DREAMLAB TECHNOLOGIE5
Risk Vectors by Regions
i?T1 Li1)! 1
;
Overali Assets Monitored and Level of Threat
SOotty nk. ovmi.W
O O•
.,
e
Actlve IPv4
348,780 + 35,705 (11.4%) “
Open Ports
447,220 + 370,890 (485.9%) .-‘
Actlve Domoins
202,658 + 18,183 (9.9%) ‘.‘
Vuinerabillties
678,259 + 441,418 (186.4%) ‘-‘
1.506.931 Total
998 Unique
301.928 Total
678.259 Potential
h.
Hong Kong
United States of America
[1]
(?CYOBS \‘ SEETHECVBE
Cyber Attack Surface & Risk Profile: Estonia
Scientific, non-intrusive scan as of July 2024 based on allocated IPv4 addresses and identified domains
National Attack Surface Metrics
Attack Surface Risks (Overali)
678.259 Total
1.966 Unique Vuinerabilities 27.388 Host
37.055 Applications
List of Vuinerabilities by Criticality and CVEs
Top Vulrierabilfties Critical 131,819
____________
Critical HigP •7 Med Low
Quantity
High 243,217 CVE-2023-48795 14893
— CVE 2023-51385 -.,,, — — 14655
Medium 274,459 3) CVE-2023-38408 crItIo 14379
CVE—2021-36368 Low 11,274
Low 28,764 CVE-2G16-20012 11,208
Vulnerable Assets found in the Country’s Cyberspace
6,400 11,841 Email Servers Web Servers
931 Databases
Further information: www.cyobs.com DREAM LAB [2] © DreamlabTechnologiesAG, Bern/Swttzerland —
CYOBS
Cyber Attack Surface & Risk Profile: Estonia Scientific, non-intrusive scan as of juy 2024 based on allocated IPv4 addresses and identified domains
Nation’s Cyberspace Geopolitical Dependency
Domains: 301.928 Geolocatlon 0 D.,n,, Uwn.S.vsa Mol Exchong,
. O.e.
.
“
2OZS8
SoMog 0 ,oOjo.
202 658 30L295 000nfiguro.j
Giobal spread ot dornain hosting giobally.
I3o3
200,484
0,0120
The more services, such ao domains, DNS, and mail servers, are hosted outside the jurisdiction ota nation-state, the greater the dependence becomes.
This also Ieads to an increased Iikelihood ot eavesdropping, cyber espionage, and Ioss ot control over the service and associated data.
v DREAMLAB TECHNOLOGIES
Geolocation 000100 0 NflS.flfl 1200 £200.009.
.
OO
:.V .1,
OOj
800.00,2009 14.938
Uro0’od,00.1
16,348 310.91
Nornbopooloo,40NS
Giobal spread ot DNS server hosting giobally.
Geolocation 0on 9000 809*1 0 U08&dOoflgO
[120. £0010009O
71,155
Giobal spread ot mail server hosting giobally.
Further information: wv0.w.cyobs.com © DreamlabTechnologiesAG, Bern/Switzerland
[31
CYOSS SE rE CYBEP
Cyber Attack Surface & Risk Profile: Estonia Scientific, non-intrusive scan as of July 2024 based on allocated tPv4 addresses and identified domains
Top Organizotions
Issuers Subjects
Quantity
Lets Encrypt 5,061
Componynomo 3,535
(3 FASTVPS 2,386
4 Sectigo [imited 842
DrgiCert mc 433
Further information: www.cyobs.com
© DreamlabTechnologies AG, Bern/Switzerland DREAMLAB TECUNOLOGIES
National Trust & SSL Analytics
Certificcites 24.421 Issuers 4.733 Services with certifications 42.150 SeIf-signed certificates 24.637 Expired certificates 12.410
1, — 1
1
O Issuers
O Subjects
,,•pP, ,*‘
\ \
Ä
4
[4]
Cyber Attack Surface & Risk Profile: Estonia Scientific, non-intrusive scan as of July 2024 based on allocated IPv4 addresses and identified domains
Software & OS Landscape Detected at National Level
Unique software
Unique OS
Host exposing software
Host exposing OS information
Top Software
Quantity
1.357 72
31.124 23.346
OpenSSH
2 Apache httpd
3 Nginx
Dovecot
6 Exim
14,801
13,209
10,935
7,342
6,290
Statistics and Detailed Views on Services Exposed Directly on the Internet
51,180 Total S,vIce0
10.190 totol Se,vero
Databases
O tJrtknown O MySQL O MariaDl O M0SQL
Services
3,478 SQL Dotoboses
0 N0SQI
Dotaboses
Seretces
7,880 StMP
14,233 ss,w,
7,230 ÅRP
7,629 IMAPS
7,007 POP3
7,201 P0035
Remote Administration lnterfaces (RAI)
O OpenSSH 0 Unkflowfl O PrOFTPD
Ooropbear Oothers OVsFTPD ORosssh
Me,OsOft.,.. Ligtstlpd Aped,oI.
Servlces
7,949 FTP
16,543 SSH
159 TEINET
% DREAMLAB TECHNOL.OGIES
Email Servers 51,918
rotal
Web Servers
III epoobehL. Ng.,,o ,sflt0Oo,n OthO,s
O Do,000t O E,dn, O Uflkeows 0 Othors
O Mioosoff Exdoo9o So,’,o, O Sendmet CysM0P
Further information: www.cyobs.com
© DreamlabTechnologiesAG, Bern/Switzerlartd [5]
cYo3s SE tE
Cyber Attack Surface & Risk Profile: Estonia Scientific, non-intrusive scan as of July 2024 based on allocated IPv4 addresses and identified domains
Spotlight Risk - Dynamic Queries showing Vulnerable System
from Specific CVE
EXPLORE RESUI.TS
Showing 1 to 10 of 14379 results.
CVE-2023-38408 - A vuinerability was found in OpenSSH (before 9.3p2 version). The PKCS#11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, Ieading to remote code execution if an agent is forwarded to an attacker controlled system (the code in /usr/Ib is not necessarily safe for Ioading into ssh-agent). This flaw allows an attacker with control of the forwarded agent-socket on the server and the ability to write to the fitesystem ot the client host to execute arbitrary code with the privileges ot the user running the ssh agent.
July 6, 2023: The initial advisory draft and patch were submitted to OpenSSH.
July 19, 2023: A coordinated disclosure and patch release were executed.
CYOBS SEE THE CVBE0
Ida-Virumaa 6855
Tartumaa 441
Parnumaa 50
Laanemaa 18
We found 14.379 vulnerable assets (CVE-2023-38408)
in the cyberspace ot Estonia.
CyObs is a high-precison cyber radar system that ofters a complete view of your country’s cyberspace, combining threat detection, risk management and insights needed to
eliminate threats and reduce your attack surlace.
Further information: www.cyobs.com © Dreamlab Technologies AG, Bern/Switzerland
% DREAMLAB TECHNOLOGIES
J vulnerability.cve = CVE-2023--38408 x
Top Locations
Name Quantlty
Harjumaa 6895
IF YOU CAN’T SEE IT,YOU CAN’T MANAGE F[.
STEP OUT OF THE DARK.
[6]