Presented at the Ministry of National Defense, the documents state that Russia-linked cyber groups are also exploiting infrastructure vulnerabilities in Lithuania, carrying out attacks on COVID-19 vaccine producers.

According to institutional data, the number of cybersecurity incidents rose by 25 percent last year, and the number of incidents related to the spread of malware jumped by as much as 49 percent.

Vice Minister of National Defense Margiris Abukevicius told BNS the number of incidents is growing as more and more devices are connected to the internet, the number of unsafe websites is increasing and also due to the remaining lack of cybersecurity hygiene.

"COVID-19 has had an unavoidable impact as well. When we look into the correlation between the rise in the number of cybersecurity incidents and lockdown restrictions, so that correlation is very obvious, especially during the first lockdown," the vice minister said.

Analysts say the Seimas election and political changes also had an impact on the rise in incidents, although specific attempts to affect the election were avoided.

"During the election period, there were no identified attempts to unlawfully log onto the election information systems but external intelligence of the information system's perimeter was identified, and 386 IP addresses linked to allegedly unlawful activity were blocked through joint effort of the National Cyber Security Center and the Central Electoral Commission. Other incidents were avoided, therefore, it can be concluded that the 2020 election to the Seimas of the Republic of Lithuania was safe," the report reads.

Some incidents linked to Russia

The report is also based on information collected by the State Security Department and military intelligence, stating that cyber groups controlled by Russian intelligence services carried out cyber attacks on Lithuania's top government, foreign policy and national security ensuring institutions, energy and education establishments, and also used Lithuania's infrastructure to carry out attacks abroad.

"Groups controlled by Russian intelligence services also exploited infrastructure of Lithuania's IT services sector to carry out cyberattacks against targets in Western states, for example, some attacks disclosed by Russian intelligence services' cyber spying group APT29 in July, 2020 against Western organization creating COVID-19 vaccines were carried out using Lithuania's IT infrastructure," the report states.

According to the document, part of the cyber incidents registered in Lithuania in 2020 are related to "political, geopolitical and strategic events in Lithuania, in the region and the whole world".

"Therefore, it is assumed that hostile intelligence services seek to use unlawful ways to get information about vulnerabilities of Lithuania's telecommunication and information systems, gain users' personal-type information (account login data) and use it for other cyber incidents," the reports reads.

Abukevicius pointed out that seven hybrid attacks were registered last year, including one of the biggest attacks carried out in December when hackers exploited a loophole in the website content management system and hacked into at least 24 public sector websites and published fake news.

An investigation later found that the attacks were pre-planned and carried out in an organized manner.

"That growth tendency remains in this place as well, which continues to raise concern. We do not make public attribution and we do not attribute that to something specific. But speaking of tendencies, so those attacks aimed at state institutions, critical sectors, they correlate with political events in Lithuania – last year's elections, the changes in the government, so we definitely see that correlation with the activity of hostile states. In general, Russian or Russia-related cyber groups are the most active," he said.

Fraudsters caused damage worth EUR 4.5 million

Ransomware is identified as the biggest threat to persons' digital assets, as well as DDoS attacks, data thefts and online fraud.

According to Abukevicius, the number of data thefts using loopholes in systems has significantly risen this year. Such crimes were not that visible last year.

"We see that impact on people and it is ternary: data security incidents, services security incidents, including the disruption in the operation in the National Public Health Center in December, the disruption in the operation of the Center of Registers in the middle of last year, as well as cybercrimes. Data from the Association of Lithuanian Banks shows that Lithuanian residents suffered damage worth around 4.5 million euros last year due to cyber-electronic crimes," the vice minister said.

In his words, a large part of cyber crimes is related specifically to an increase in online trade during lockdowns when businesses received quite a number of ransom demands and threats to disrupt their business operation.

More child sexual exploitation material

It is also pointed out in the report that as people spend more time online, another problem is getting more serious and that is an increase in the volumes of online child sexual exploitation material.

There were 78 cases last year when child sexual exploitation images were found in Lithuanian servers and handed over to the Police Department, up from 44 incidents in 2019.

"Those tendencies in Lithuania match global tendencies identifies by institutions, like Interpol," the document reads.

Abukevicius says both the public and the private sectors are being urged to take more active measures to ensure cybersecurity, with one of the measures under consideration for public sector institutions specifically being an administrative liability for ignoring recommendations.

"Administrative liability has always been in place but the main operation direction has been providing consultations and advice and drafting recommendations. We are now trying to shift the focus from recommendation-type measures to the application of legal measures. We believe that if institutions fail to cope, measures of administrative impact will be applied," Abukevicius underlined.

It is prohibited to copy and republish the text of this publication without a written permission from UAB „BNS“.
Comment Show discussion