Paragraphs from the “Cyber Threats” section on page 36:
Although the crippling of a critical Estonian infrastructure by a state actor in 2017 is not likely, it is certain that Estonia will remain a target of hostile cyber activity. [..] Considering the cyber attacks that sowed confusion in the US in 2016 and Latvia’s experience in holding the presidency of the European Union in 2015, it is also likely that Estonia will come under increased scrutiny from foreign cyber criminals in the second half of 2017.
As in past years, the Estonian government sector was not unscathed by attacks in 2016. The mailboxes of employees of the Riigikogu (parliament), the Ministry of Foreign Affairs and the Ministry of Economic Affairs and Communications were the targets of phishing attempts. An example of such attacks was an incident in 2016 where an attempt was made to steal information in the possession of a Finnish member of the Bellingcat research group. The information concerned the military conflict in Ukraine and the downing of the MH17 airliner.
Haven’t heard of the phishing attempt against Bellingcat member in Estonia. The spearphishing example screenshot above actually comes from the ESET report on Sednit hacking group.