Earlier this month, Lithuania faced one of the “biggest and most complex” cyber attacks in recent years, according to Defence Minister Arvydas Anušauskas.
The attack which took place “on the eve of the government’s transition [...] was prepared in advance and with a goal in mind,” he said in a statement published on Wednesday.
After analysing the December 9 incident, the Defence Ministry’s National Cyber Security Centre (NKSC) said the breach targeted the content management systems to gain access to 22 websites administered by Lithuania’s public sector, mostly by regional municipalities.
The attackers then posted three types of fake news articles – one alleging that a Polish diplomat had been detained on the Lithuanian border, another alleging corruption in the Šiauliai airport that houses NATO’s Baltic air policing mission, and another alleging that more people than previously reported have been drafted into the military.
At the same time, falsified emails that resembled those used by the defence and foreign ministries, as well as the Šiauliai Municipality Administration, were used to share the disinformation by linking back to texts published on the hacked websites.
“This shows huge gaps in cyber security of the public sector,” said Anušauskas.
Lithuanian analysts have previously said that disinformation attacks in the country mostly target the military, NATO, and government structures.
The NKSC has now submitted recommendations to municipalities, which can also be found on the centre’s website (in Lithuanian).
Read more: Russia-aligned hackers conducted anti-NATO fake news campaign in Lithuania – report