download Download PDF

You are:

Home

CYBER SECURITY

Cyberattacks are increasing in scale and becoming more destructive

Cyberattacks are increasing in scale and becoming more destructive

The greatest threat to the information systems of important Lithuanian organisations comes from cyber espionage groups operating on behalf of hostile states. With substantial financial resources, expertise, and motivation to act against organisations in Lithuania and other NATO countries, these groups seek to carry out complex, difficult-to-detect operations designed to obtain sensitive information, to spread disinformation, and since December 2025, carry out destructive attacks against critical infrastructure.

Cyber actors are capable of causing increasing damage to information security, services provided and processes carried out in cyberspace, thus posing a growing threat to national security. In order to avoid the paralysing effects of cyberattacks, institutions and organisations must strengthen their defensive cyber capabilities and implement alternative measures that would allow them to continue operating without disruption even in the event of a successful cyberattack.

It is almost certain that when a large number of organisations in a single sector choose the services or products of the same suppliers, the likelihood of successful large-scale cyberattacks increases. Exploiting supply chains creates new vectors of attack. Organisations that pay insufficient attention to cybersecurity may enable hackers to reach other, more resilient organisations in the chain. For example, although the October 2025 outage of Amazon Web Services cloud services was not caused by a cyberattack, it illustrated how a successful cyberattack against a single supplier could affect global supply chains. Services provided by social media platforms Snapchat and Reddit, internet television providers Hulu and Disney+, financial service providers Coinbase and Venmo, and thousands of other organisations were disrupted. The ability to attack one organisation and affect the information systems of all its customers makes supply chain attacks one of the most attractive and effective attack vectors.

Cyber attackers not only continue using proven attack methods but also seek new ways and means to facilitate malicious activities. Improvements in large language models, which the artificial intelligence (AI) technologies are based on, enable faster, less resource-intensive, more effective, and more widespread attacks.

Although AI had been used in cyberattacks before, 2025 saw the first documented case of AI being integrated into malicious code. Ukraine’s cyber incident response team identified the LameHug malicious code used likely by the Russian military intelligence GRU cyber espionage group as a tool to steal information, the commands of which to capture data on the compromised system were generated by AI rather than by hackers themselves. It is very likely that the use of AI has also led to other changes in cyberattacks carried out by hostile states.

For example, AI can be used to effectively collect information on targets’ activities, contacts, and communications, which can then be used to prepare malicious emails that do not arouse suspicion. AI also enables hostile states to use illegally obtained information more quickly and effectively for further malicious activities. This in turn allows adversarial states to prepare in advance for political decisions that are unfavourable to them, to conduct discrediting and disinformation campaigns in real time, and, in the event of war, to effectively identify and eliminate targets.

It is almost certain that geopolitical tensions, the development of cyber capabilities by hostile states and the criminal world, as well as new technologies, will increase the threat level in the cyberspace of Lithuania and other NATO countries in both the short and long term. Continuous updates and practical applications of critically important Lithuanian organisations’ cyber security policies, considering the innovations in cyber threat landscape and changes of organisations’ IT processes and infrastructure, reduce risks not only to the organisation itself, but also to entities related to it, as well as to Lithuania’s national security.

Examples of cyberattacks in 2025 that disrupted the processes of organisations critical to society:

  • In January, an attack on Slovakia’s national land registry, described by Slovak Minister of Agriculture as the largest cyberattack in the country’s history, disrupted activities of state and private entities that depend on these data.
  • In September, an attack on Collins Aerospace’s MUSE software, used to manage passenger check-in and boarding, disrupted operations at Heathrow, Brussels, Berlin, and Dublin airports, resulting in flight delays and cancellations.
  • In December, a coordinated large-scale attack against electricity and heat supply organisations was prevented in Poland. Polish Prime Minister Donald Tusk indicated that there were many reasons to believe that the attack had been carried out by groups directly linked to Russian services. It has been reported that if the attack had been successful, half a million Polish citizens would have been left without heating during the winter. Poland’s Minister of Digital Affairs stated that the attack came very close to disrupting the electricity supply.


Click on the image to enlarge it.

Print print
+
Cookie settings
Mandatory
Mandatory cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookie.
Functional
Functional cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in. Functional cookies are currently unused.
Statistical
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously. Statistical cookies are currently unused.
Allow all cookies Reject all