Estonia's 2007 DDoS campaign is often remembered as a geopolitical cyber milestone. The more practical accountability lesson is narrower and still current: when a highly digitised public sector depends on shared networks, banks, media, portals, registrars, and cross-border connectivity, the delay between attack symptoms, technical diagnosis, public explanation, and citizen continuity becomes part of the harm.