News

2020.12.30 09:22

Lithuania's public health body comes under cyber attack

updated
Jūratė Damulytė, Ignas Jačauskas, BNS2020.12.30 09:22

Lithuania's National Public Health Centre (NVSC) came under a cyber attack on Tuesday, which may delay tallying latest coronavirus statistics, according to Defence Minister Arvydas Anušauskas.

The NVSC, which manages information about the coronavirus pandemic in the country, had its email system down after someone opened an infected attachment, according to Anušauskas.

“The NVSC's email is down for some time and it might undermine its work, providing and receiving information,” the minister posted on Facebook on Wednesday.

He also called on people not to open unknown email attachments that might infect computers.

Several institutions affected

Several other institutions and the NVSC have been affected by an email virus, Rytis Rainys, director of the country's National Cyber Security Centre, says.

He told BNS a Trojan.Emotet virus spread via email on Tuesday as an archived ZIP file which, when opened, automatically sends out letters to other contacts.

The Defence Ministry says government institutions, ministries as well as individuals who were contacted by NVSC specialists carrying out epidemiological diagnostics have received malicious letters.

“Yesterday, a number of users, state institutions and municipalities received emails with the Emotet virus. The file contains a virus which, when activated, downloads its extensions and takes over control of the affected computer, email, uses contacts, and either continues to spread or turns the user's computer into a ‘zombie’, receives commands from the command and control servers and, for example, sends spam,” Rainys told BNS.

The first emails were received at around 10 on Tuesday morning, he said. The malware was encrypted and password-protected, therefore, it was not detected by antivirus software, and users had an impression that the emails were part of an email exchange with colleagues, since fragments of previous emails were used.

The email also contained a password that users had to enter after opening the ZIP file.

Rainys confirmed that “dozens or even hundreds” of NVSC staff members, their contacts, as well as employees of several municipalities and other institutions, including in the healthcare system, opened malicious emails.

Removing the malware and its damage is expected to be completed on Wednesday with the help from the National Cyber Security Centre.

Rainys also said there would be an investigation to see if the incident was linked to the cyber attacks against the European Medicines Agency and Pfizer and BioNTech, the creators of the first coronavirus vaccine, several weeks ago when attempts were made to steal Covid-19-related information.