Šriftas:
A A A
Fonas:
Baltas Juoda
Iliustracijos:
Rodyti Slėpti
Raidė Schema
logo

State Security Department
of Lithuania

Archyvas

Report a threat

8 700 70 007

8 700 70 007

 Form
menu menu Turinys
ENTRY
INTRODUCTION
FOREWORD
SUMMARY
RUSSIA
Putin’s decision to go to war with Ukraine evokes totalitarianism in Russia
Russia expects closer economic ties with the CIS countries in the short term
Russia aims to outsuffer Ukraine and the West in a protracted conflict
Russia’s digital and information isolation is growing
The Kaliningrad region remains the biggest threat in Lithuania’s neighbourhood
Iran’s support to the Russian war effort in Ukraine
BELARUS
A. Lukashenka takes part in Russia’s war against Ukraine, albeit does not regard himself as an aggressor
The situation of the Lukashenka regime is dependent on the Kremlin’s success in the war against Ukraine
With the single voting day approaching, the regime’s main short-term objective is to prevent a new wave of protests
CHINA
Russia’s war against Ukraine has not changed Beijing’s goal of strengthening strategic cooperation with Moscow
By pursuing an aggressive policy towards Taiwan, China strives to change the current status quo in their relations
China uses new initiatives to shape the global security agenda and create a counterbalance to western alliances
Xi’s concentration of power in the CCP poses a risk of strategic miscalculations
Internal tensions in China force the regime to search for external enemies, justifying repressions against its society
THE ACTIVITY OF HOSTILE INTELLIGENCE AND SECURITY SERVICES
Russian intelligence searches for new methods to collect intelligence in Europe, but its primary focus is the war against Ukraine
Belarusian intelligence services recruit their own nationals fleeing to Lithuania
Authoritarian regimes are changing the model of privatization of military power
CYBER SECURITY
War against Ukraine did not decrease threats in Lithuanian cyber space
Ghostwriter activity against Lithuania in 2020–2022
INFORMATION SECURITY
Lithuania remains a target for Kremlin propaganda
Kremlin tries to exploit Muslim communities in Europe
Kremlin actively strives to preserve its expansionist historical narrative
Pro-Kremlin propaganda narratives designed for Western societies
ECONOMIC AND ENERGY SECURITY
Sanctions cause major problems to Russia and its entities that try to bypass them
Technologies being developed in Lithuania may be targeted by hostile foreign actors
Chinese military company covertly tried to acquire technology being developed in Lithuania*
Russia runs out of options to use energy supplies as leverage
Rosatom develops projects abroad, but its technologies are defective
CRISIS REGIONS
Conflicts and climate change deepen the global food crisis
TERRORISM AND MIGRATION
The number of Islamist terrorist attacks in Europe has decreased, but the threat remains high
Right-wing extremism and accelerationism remain a threat in Europe
Illegal immigrants to the EU are still using the route via Belarus
download Atsisiųsti PDF

You are:

Pradžia

CYBER SECURITY

War against Ukraine did not decrease threats in Lithuanian cyber space

War against Ukraine did not decrease threats in Lithuanian cyber space

The most active cyber groups that act against Lithuania are connected with Russia and China. Their priority remains continuous long-term collection of information related to Lithuanian internal and foreign affairs. Cyber groups seek to access government institutions’ and organisations’ IT systems; they gather both target information and technical data about the systems’ architecture and vulnerabilities. They also try to create mechanisms that allow long-term access to the systems. A temporary decrease in cyber group hostile activities caused by Russia’s actions in Ukraine is unlikely to have a major effect on their long-lasting malicious operations in the medium term.

Russian cyber groups, coordinated by intelligence agencies, use the tools usually attributed to cyber criminals and also cooperate with non-state hackers. Attacks by cyber criminals are increasing in number and scope. It is likely that some of the attacks attributed to cyber criminals in fact are instigated by adversarial countries.

This collaboration is based on mutual benefits – state actors exploit this opportunity to mask their involvement in malicious activities, whereas criminal groups receive financial and technological support, acquire experience, and immunity from prosecution.

The war in Ukraine has demonstrated that criminal hacker groups, such as Killnet, Killnet, Xaknet Team, or no name are ready to get involved in the conflict on the Russian side. In recent years, cyber criminals and cyber activists have supported Russia by trying to disrupt information processes and sowing turmoil in society.

In 2022, these groups periodically conducted DDoS attacks against government and private sectors in Ukraine, the Baltic states, Poland, and other supporters of Ukraine. In summer, they carried out attacks against a wide spectrum of targets in Lithuania – critical infrastructure, government institutions, logistics sector, and other organisations. The attacks did not cause any direct and lasting damage, but cyber activists highly likely will continue to target countries that provide support to Ukraine or are not favourable to Russia.

While cyber espionage remains the main line of operation of state actors, destructive attacks have been increasingly prevalent. The purpose of these attacks is not only to disrupt the targeted system activities and critical processes but also to destroy the data stored and managed within them. The main targets of attacks are usually IT networks of governmental organisations and critical infrastructure.

While in recent years attackers have mainly targeted Ukraine, they have also acted against NATO countries. In July 2022, hackers publicly attributed to Iran managed to get access to data managed by the Albanian government institutions. They compromised the information systems with malware capable of irreversibly corrupting the data. As a result, websites of Albanian electronic services and institutions were partly disrupted. It is highly likely that in the future, the threat to organisations’ information systems of NATO, EU, and other states will grow, especially due to increased geopolitical tensions.

In 2022, Ghostwriter, a cyber-enabled influence campaign, significantly decreased its activity against NATO states. Whereas in 2021, at least 11 cyber-enabled information operations were launched against Lithuania, in 2022, there was only one. Contrary to previous attacks, this attack did not aim to spread disinformation about Lithuania’s internal and foreign affairs. The purpose of the attack was to get access to social media and e-mail accounts. It is highly likely that perpetrators were trying not only to get to the information held within these accounts but also to use the compromised accounts for spreading disinformation in the future.

It is likely that the decrease in cyber-enabled information operations in Lithuania is temporary and related to redirected effort towards Ukraine, which has been a target of numerous Ghostwriter attacks in recent years. Nonetheless, attempts to gather Lithuanian citizens’ data indicate likely plans to target Lithuania in the future attacks.

Spausdinti print
Taip pat šioje temoje skaitykite
arrow Ghostwriter activity against Lithuania in 2020–2022
CYBER SECURITY GHOSTWRITER ACTIVITY AGAINST LITHUANIA IN 2020–2022