Sean Sullivan, a senior researcher at F-Secure, said that hackers created tools designed to damage the government servers, and then spread the word online so that individuals could deploy the tools more widely by acting together as a 'mob'.
"You do not need infrastructure for this. You just set up the tools and the mob will take care of the rest," he said.
"Whether the [Russian] government was involved or not is irrelevant. It was the work of a flash mob that took down the servers."
Sullivan added that the situation was similar to that which took down online camera retailer PriceRitePhoto.
A customer was allegedly abused by a member of staff for trying to buy a camera without expensive accessories, and the incident was written up on the customer's blog.
The blog posting got picked up by news aggregators and spread online, and some people took it upon themselves to create tools that were used to attack PriceRitePhoto.
The company's website was taken down by a denial of service attack, its phones were jammed with calls and the fax machine was bombarded with spam.
The head of PriceRitePhoto was eventually forced to call the customer personally and fire the staff member involved before the attacks stopped.
Sullivan suggested that political tensions between Russia and Estonia probably led to computer enthusiasts creating the tools and making them available for everyone to use. There would be no need for the Russian government to get directly involved.
Estonia attacks down to online 'flash mob'
By Iain Thomson on Sep 28, 2007 7:33AM
The online attack that took down government servers in Estonia was most likely down to an online 'flash mob' and not the Russian government, according to researchers.
Got a news tip for our journalists? Share it with us anonymously here.