Russia-linked APT groups exploited Lithuanian infrastructure to launch attacks

Russia-linked APT groups leveraged the Lithuanian nation’s technology infrastructure to launch cyber-attacks against targets worldwide.

The annual national security threat assessment report released by Lithuania’s State Security Department states that Russia-linked APT groups conducted cyber-attacks against top Lithuanian officials and decision-makers last in 2020.

APT29 state-sponsored hackers also exploited Lithuania’s information technology infrastructure to carry out attacks against “foreign entities developing a COVID-19 vaccine.”

In 2020, Russian intelligence operations against Lithuania decreased due to the COVID-19 pandemic, but Russia-linked APT groups increased cyber espionage campaigns against targets worldwide.

“Nevertheless, Russian intelligence operations pose a major threat to Lithuania’s national security,” State Security Department head Darius Jauniskis told Lithuanian lawmakers during the presentation of the report at the Parliament.

Jauniskis explained that the Russian government is using military and economic means to carry out its operation, including disinformation campaigns.

The report states that both cyber attacks and disinformation campaigns have increased in Lithuania in the last 12 months.

Jauniskis added that Russia-linked APT groups attempted to destabilize the political context in Lithuania by exploiting the pandemic in misinformation campaigns. Lithuanian authorities observed “dozens” of “failed attempts” to conduct disinformation campaigns.

“Those activities were well-coordinated and fueled by anti-Western propaganda coming out from the Kremlin,” Jauniskis added.

In the last years, security experts documented multiple hacking and disinformation campaigns, attributed to Russia-linked APT groups, that targeted Lithuania, Estonia, and Latvia.

Estonia’s foreign intelligence agency also blamed Russia for cyber attacks exploiting COVID-19 pandemic to create havoc in the national contest.

In April 2019, a major and orchestrated misinformation cyber attack hit the Lithuanian Defense Minister Raimundas Karoblis with the intent of discrediting him and the Lithuanian national defense system.

In December 2016, Lithuania blamed Russia for cyber attacks that hit government networks over the previous two years. The head of cyber security Rimtautas Cerniauskas confirmed the discovery of at least three Russian spyware on government computers since 2015.

Lithuanian officials targeted by the alleged Russian spyware held mid-to-low ranking positions at the government, anyway Cerniauskas confirmed their PCs contained government sensitive documents.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Lithuania)

[adrotate banner=”5″]

[adrotate banner=”13″]