The clash between Estonia and Russia over the removal of a Soviet war monument is gathering force on the web.

The re-siting of a bronze statue of a Soviet soldier in the Estonian capital Tallinn has triggered a wave of protests from Russians, ranging from physical blockades of the border and the Estonian embassy in Moscow to riots and, now, a flood of alleged cyber attacks.

Estonian authorities claim that a million PCs have been used in several waves of crippling direct denial-of-service (DDOS) attacks on government sites, banks and media organisations. Damage is estimated to run into tens of millions of euros, and Nato chiefs are said to be advising the tiny EU nation.

Russian officials have denied any state responsibility and have suggested the Estonians should prove their allegations - an impossible burden, given the nature of the attacks. As well as malicious traffic from Russia itself, analysts say they have traced attackers to other countries, including the US, Canada, Vietnam and Brazil.

According to Paul Sop, chief technology officer of DDOS defence specialist Prolexic Technologies, this battle has one unusual element: "Activists have downloaded a DDOS tool and pointed it at a specific website at a pre-arranged time. This is a huge shift in the use of this technology.

"Most websites could be brought down by 20,000 or 30,000 users doing this, and that's not such a large number in political terms," he warns.

Cyber-security is expected to be discussed at a meeting of Nato officials next month. In the meantime, it seems Estonia has little recourse. The concept of a cyber-war is not new, recent events such as the Iraq war and the cartoons crisis in Denmark attracted similar online responses, if on a somewhat smaller scale.

Although the size of this assault is unprecedented in geopolitical terms, commercial attacks can be much more impressive. "One single professional Russian botnet herder could easily generate this amount of traffic, and more," observes Sop.