2021.04.08 09:59

Cyber security report: Lithuania detects growth in attacks, online child exploitation

BNS2021.04.08 09:59

The number of cyber security incidents in Lithuania rose by a quarter last year, and that was largely influenced by the Covid-19 pandemic when usual activities moved online due to restrictions, according to the 2020 National Cyber Security Status Report.

Presented at the Defence Ministry on Wednesday, the document states that Russia-linked cyber groups are also exploiting infrastructure vulnerabilities in Lithuania, carrying out attacks on Covid-19 vaccine producers.

According to institutional data, the number of cyber security incidents rose by 25 percent last year, and the number of incidents related to the spread of malware jumped by as much as 49 percent.

Vice Minister of Defence Margiris Abukevičius has told BNS the number of incidents is growing as more and more devices are connected to the internet, the number of unsafe websites is increasing and also due to the persisting lack of “cyber security hygiene”.

“Covid-19 has had unavoidable impact as well. When we look into the correlation between the rise in the number of cyber security incidents and lockdown restrictions, that correlation is very obvious, especially during the first lockdown [last spring],” the vice minister said.

Analysts say last October's parliamentary election and political changes also had an impact on the rise in incidents, although there were no specific attempts to affect the election results.

“During the election period, there were no identified attempts to unlawfully log onto the election information systems, but external intelligence of the information system's perimeter was identified, and 386 IP addresses linked to allegedly unlawful activity were blocked through joint effort of the National Cyber Security Centre and the Central Electoral Commission.

“Other incidents were avoided, so it can be concluded that the 2020 election to the Seimas of the Republic of Lithuania was safe,” the report reads.

Incidents linked to Russia

The report is also based on information collected by the State Security Department and military intelligence, stating that cyber groups controlled by Russian intelligence services carried out cyber attacks on Lithuania's top government, foreign policy and national security institutions, energy and education establishments, and also used Lithuania's infrastructure to carry out attacks abroad.

“Groups controlled by Russian intelligence services also exploited infrastructure of Lithuania's IT services sector to carry out cyber attacks against targets in Western countries, for example, some attacks disclosed by Russian intelligence services' cyber spying group APT29 in July 2020 against a Western organisation creating Covid-19 vaccines were carried out using Lithuania's IT infrastructure,” the report states.

According to the document, some of the cyber incidents detected in Lithuania in 2020 were related to “political, geopolitical and strategic events in Lithuania, in the region and the whole world”.

“Therefore, it is assumed that hostile intelligence services seek to use unlawful ways to get information about vulnerabilities of Lithuania's telecommunication and information systems, gain users' personal information (account login data) and use it for other cyber incidents,” the reports reads.

Abukevičius points out that seven hybrid attacks were detected last year, including one of the biggest attacks carried out in December when hackers exploited a loophole in the website content management system and hacked into at least 24 public sector websites and published fake news.

An investigation later found that the attacks were pre-planned and carried out in an organised manner.

“Speaking of trends, attacks targeting state institutions, critical sectors correlate with political events in Lithuania – last year's elections, the changes in the government [...]. In general, Russian or Russia-related cyber groups are the most active,” he said.

Damage worth €4.5 million

Ransomware is identified as the biggest threat to people's digital assets, as well as DDoS attacks, data thefts and online fraud.

According to Abukevičius, the number of data thefts using loopholes in systems has significantly risen this year. Such crimes were not as noticeable last year.

“Data from the Association of Lithuanian Banks shows that Lithuanian residents suffered damage worth around 4.5 million euros last year due to cyber-electronic crimes,” the vice minister said.

A large part of cyber crimes is related specifically to an increase in online retail during lockdowns when businesses received quite a number of ransom demands and threats to disrupt their business operation, he said.

Child exploitation

The report also points out that as people spend more time online, there has been an increase of online material linked to sexual exploitation of children.

There were 78 cases last year when child sexual exploitation images were found on Lithuanian servers and handed over to the Police Department, up from 44 incidents in 2019.

“These trends in Lithuania match global tendencies identified by institutions like the Interpol,” the document reads.

Abukevičius says both public and the private sector organisations are advised to take more active measures to ensure cyber security. The government even considers punishing public institutions for failing to adhere to recommendations.