Search This Blog

Showing posts with label Lithuania Cyber Security. Show all posts

Lithuania has experienced 1,780 cyber incidents in six months

According to the Lithuanian military, the sharp increase in the number of hacks is caused by two main reasons – the global vulnerability of Microsoft Exchange email and several major leaks of personal data.

Lithuania recorded two percent more cyber incidents in the first half of the year than in the same period last year. A total of 1,780 incidents were identified. Cyber attacks hit IT companies the hardest.

"Such a sharp increase in the number of hacks is caused by two main reasons – the global vulnerability of Microsoft Exchange email and several major leaks of personal data in Lithuania this spring," said Ritis Rainis, director of the National Cybersecurity Centre (NCSC).

In the first half of the year, there were also repeated leaks of personal data (CityBee, LIEMSIS, Kilobaitas, and so on). As a result, the personal data of hundreds of thousands of Lithuanian users became available to the attackers.

According to the Lithuanian military, 55 cyber incidents were classified as medium-severity incidents. Of these, 27 were recorded in the communication and information systems of legal entities. There were also attempts to affect the public sector (ten incidents) and Internet service providers (four incidents).

Disturbance of service (DDoS) cyberattacks was observed at the beginning of the year. Some of them were directed against distance learning in schools.

A Lithuanian cybersecurity expert said that 186 sites of Lithuanian domains infected with malicious code also posed a risk. By mid-May, three-quarters of the sites had been cleaned up, and 49 site managers received repeated instructions from the NCSC to take security measures and remove malicious code.

Cases of Emotet malware distribution were interrupted by successful international law enforcement and judicial operation until February.

Various cyber attacks are often reported in Lithuanian state institutions. Most often they are attributed to "Russian hackers" or they are hinted that they were carried out by "unfriendly countries", although no evidence was found.

Moscow has repeatedly stressed that the accusations of Western partners are unfounded.

Russian intelligence was accused of cyber attacks on Lithuania's top leadership

Last year, hacker groups controlled by Russian secret services conducted cyber attacks on Lithuania's top leadership - This is stated in the annual report on the state of national cybersecurity published by the Ministry of Defense of the Baltic republic

The document claims that Lithuanian foreign policy and national security institutions, as well as energy and education facilities were attacked by Russian intelligence.

"Groups controlled by Russian intelligence services also used the Lithuanian information technology sector infrastructure for cyber attacks against targets in Western countries. For example, in July 2020, there were cyber attacks by the APT29 cyber group against organizations developing a coronavirus vaccine in the West that were carried out using Lithuanian IT infrastructure," the report said.

As noted in the document, some of the cyber incidents registered in the republic last year are associated with "political, geopolitical, strategic events in Lithuania, the region and around the world."

According to the report, "it is assumed that hostile intelligence services seek to illegally obtain information about vulnerabilities in Lithuanian communication and information systems, as well as personal user information (account login data) and use it for other cyber incidents".

As an example, a cyber attack was reported in December 2020, when 24 public sector websites were hacked, three of which published fake news with different content. An investigation into the incident revealed that it had been prepared in advance and was carried out in an orderly manner.

Various cyberattacks are often reported in Lithuanian state institutions. Most often they are attributed to "Russian hackers" or hinted that they were carried out by "unfriendly countries," although no evidence has been found.

Moscow has repeatedly stressed that accusations by Western partners are unfounded.

In addition, the authorities of the Baltic States have consistently obstructed the work of the Russian media. As the Russian Foreign Ministry noted, signs of coordination are clearly visible in the actions of Vilnius, Riga and Tallinn, and the cases of media harassment in the Baltic countries clearly demonstrate that the demagogic statements of these countries about their adherence to the principles of democracy and freedom of speech are worth in practice.

It's interesting to note that the report released by the Lithuanian Ministry of Defense shows that cyber incidents in Lithuania increased by 25 percent in 2020, and the number of incidents involving malware increased by 49 percent.

Polish authorities got hacked for the sake of a fake allegation of nuclear waste leakage from Lithuania

Two Polish government websites were hacked to spread false information about a nuclear waste "leak" in neighboring Lithuania.

The incident took place on Wednesday. False information about a non-existent radioactive threat was published on the websites of the Polish National Atomic Energy Agency and the Polish Ministry of Health. In addition, the Twitter account of a journalist who "often writes about Russia and Eastern European countries" was hacked. His page was used to further spread misinformation.

The false statement said that the health and lives of Poles living near the Lithuanian border were in danger. However, the reports did not seem to get much attention.

Polish Security Service spokesman Stanislav Zarin said that "the whole story looked like a typical Russian attempt" to sow suspicion and discord among Western allies.

Zarin said he remembered a similar hacking attempt in 2020 that spread false information about a nonexistent radioactive cloud headed for Poland from Chernobyl in Ukraine.

In February, the Lithuanian Foreign Ministry drew attention to the recent intensification of information and cyber attacks aimed at damaging friendly Lithuanian-Polish relations and "blackmailing the Lithuanian and Polish peoples.

Official Vilnius and other Western countries regularly accuse the Russian side of "cyber attacks" without any evidence or concrete facts. Often Lithuanian politicians hint at the involvement of "Russian hackers" or that they were carried out by "unfriendly countries," although no evidence has been found.

As Russian authorities and experts have repeatedly noted, Moscow has no reason to attack Lithuania or other NATO countries, either real or virtual. Russia rejects all the accusations, noting that they are completely unfounded.

The data of 110 thousand customers was stolen from the Lithuanian car rental service

It became known that on the night of February 15-16 in Lithuania, the data of about 110 thousand customers of the local car rental service CityBee was stolen.

The information was published on one of the forums of cyber hackers.

"On the night of February 15-16, cybercriminals posted a message on a foreign-registered forum that they had not only the names and personal codes of some CityBee customers, as previously announced, but also phone numbers, email addresses, residential addresses, driver's license numbers and encrypted passwords," said CityBee.

Experts reported that, according to available information, passwords are provided in the SHA1 format without additional security criteria (salt), so they can be guessed automatically and used for unauthorized access.

The company noted that the data is already three years old — and their theft will not affect the security of CityBee customers, since the organization does not store information about payment methods. However, CityBee representatives still asked customers who registered in the system before February 22, 2018, to change their passwords if they used the same or similar password.

According to the Minister of Justice Agnė Širinskienė, such personal data can be used very widely. Especially in the case of international crimes.

"For example, illegal immigration from third countries often occurs with the use of fake documents. Let's just think about how a citizen of a third country X can easily move around the EU with the personal data of a CityBee customer in a fake passport. Now imagine that a resident of country X, who has personal documents filled out with CityBee customer data, is involved in the arms trade, the organization of a terrorist network in Europe, and is suspected of money laundering... while the client of CityBee, the "owner" of the identity, is flying to the Maldives on vacation," Širinskienė gave an example.

CityBee has launched an investigation to find out how customer data was stolen.

The police are conducting a pre-trial investigation.

Lithuania to allot seven million euros to combat hackers

Lithuania has applied to host the European Cyber Security Competence Center, which is designed to develop technologies and develop protective measures. The Raimundas Karoblis, the Minister of National Defense of the Baltic Republic, openly links the request for its creation with the "Russian threat".The vulnerability of NATO's "eastern flank" continues to worry European countries, which believe that after the protests in Belarus, the issue of Russia's influence is more acute.

Lithuania will compete for hosting the institution with Belgium, Germany, Luxembourg, Poland, Romania and Spain.

Ministry of Defense of the Baltic Republic draws attention to the activity of China and Russia, which are often associated with the hacker threat.

The Minister of Defense claims that "Russian cyber attacks happen quite often," although at the same time he makes a reservation: it is very difficult to formally establish the "authorship" of hacker attacks.

According to him, this is accompanied by information campaigns. It is likely that the work of the European Cybersecurity Competence Center will also be aimed at countering those information messages that will be considered propaganda in Vilnius. By the way, Lithuania offers to place the institution itself in the Vilnius TV tower.

It is worth noting that in January, the Prime Minister of the Republic Saulius Skvernialis called Lithuania "a leader in the field of information security". According to him, this area is a priority for the Baltic Republic.

In addition, Lithuania ranked fourth in the Global Cybersecurity Index (GCI) with a score of 0.908 points. The rating was led by the United Kingdom, which scored 0.931 points. The second and third places are occupied by the United States (0.926) and France (0.918). The top five is completed by Estonia, whose security level was estimated at 0.905 points.

Lithuanian authorities often claim cyber attacks and "Russian interference” without providing any evidence of the "guilt" of the Russian side. Moscow denied all such accusations and stressed that they were "absolutely unfounded".

However, Lithuania is currently concerned about military activity near its borders, which, according to its estimates, has increased against the background of the Belarusian events.