The pro-Russian hacker group Killnet claimed responsibility for the massive DDoS attack on the Lithuanian government and private business targets on June 27.
The attack brought down a large number of Lithuanian websites, including airports, national taxation, Supreme Court, railways, telecom service providers, etc. The Lithuanian government said the attack also disrupted parts of the country’s national security data transmission network, a key component of Lithuania’s strategy to ensure national security in cyberspace. The Lithuanian National Cyber Security Center warned that cyber attacks will continue in the next few days, especially in the fields of communications, energy and finance, with types of attacks including network tampering, ransomware and other destructive attacks. At present, the National Center has been carrying out data disaster recovery, and strive to minimize losses.
On June 21, the Killnet branch “Legion – Cyber Special Forces of the Russian Federation” announced the launch of cyberwarfare against numerous Lithuanian organizations, as well as large Lithuanian banks, logistics companies, Internet providers, airports, energy companies, mass media groups, and various countries. and ministries’ websites are listed as attack targets. The Lithuanian National Cyber Security Center warned on the 23rd that DDoS attacks against public institutions in the country have increased sharply and caused temporary service interruptions to transportation agencies, financial institutions and other large entities. Security firm Flashpoint said Killnet coordinated a massive attack on Lithuania on the 27th, which it dubbed “Judgment Day.”
The pro-Russian hacking group Killnet has launched a distributed denial of service (DDoS) attack against Lithuanian government agencies and private companies in an attempt to force Lithuania to drop EU sanctions on Russia. Killnet also posted a video on Telegram threatening that Lithuania should allow shipments to be transferred to Kaliningrad or face continued attacks.
Pro-Russian threat group Killnet launches DDoS attack on Lithuania
Internet services in Lithuania were hit by a “strong” distributed denial of service (DDoS) attack on June 27, for which the hacker group Killnet claimed responsibility. Killnet said its attack was in retaliation for Lithuania’s recent ban on shipments of EU-sanctioned goods to the Russian enclave of Kaliningrad.
The Lithuanian government said the flood of malicious traffic disrupted parts of the country’s national security data transmission network. The network is “one of the key components of Lithuania’s strategy to ensure national security in cyberspace” and is “designed to operate during a crisis or war” to ensure continuity of key agency activities. The Ukrainian National Telecommunications Core Center is identifying the most affected websites in real time and providing them with DDoS mitigation measures, while also cooperating with international network service providers.
Jonas Skadinskas, acting director of the Lithuanian National Cyber Security Center (NKSC), said in a statement on June 27, “This even more intense attack is likely to continue into the next few days, especially against communications, Attacks in the energy and financial sectors.” The statement also warned of network tampering, ransomware and other damaging attacks in the coming days.
“We continue to make it clear to the Lithuanian authorities that they should immediately withdraw their decision to ban the transshipment of Russian goods from the Kaliningrad region to Russia,” Killnet members said on Telegram. Killnet claimed to have attacked more than 1,000 Lithuanian websites, including Lithuanian The sites of the four airports. Users with IP addresses outside of Lithuania experienced problems using the Lithuanian airport website, and some users were unable to connect to financial service providers’ websites.
The website of the Lithuanian State Tax Inspectorate (STI) appears to be inaccessible. One of the largest accounting service providers in Lithuania, B1.lt, was also crippled. Local media reported that STI had suspended internal IT systems due to “security concerns”. Killnet also claimed to have attacked Lithuanian e-government services and the country’s police website.
The websites of major telecommunications service providers in Lithuania were also affected by the DDoS attack, with some loading extremely slowly and others not loading at all. Killnet also attacked a platform for buying off-road bus tickets and the website of the Supreme Court of Lithuania. Attackers also previously compromised the Lithuanian Railways website, preventing passengers from buying train tickets online.
Lithuania warns of increased DDoS attacks against government websites
The Lithuanian National Cyber Security Center (NKSC) issued a public warning on June 23 about a sharp increase in distributed denial of service (DDoS) attacks against public institutions in the country. DDoS is a special type of cyber attack that causes internet servers to be flooded with requests and junk traffic, making hosting sites and services inaccessible to legitimate visitors and users.
Transport agencies, financial institutions, and other large entities in Lithuania experienced temporary service disruptions due to the aforementioned cyberattack, the NKSC said.
“The NKSC urges all managers of critical information infrastructure and national information resources to take additional security measures and follow NKSC recommendations to prevent service disruption attacks,” the advisory advised.
The NKSC also provides a link to a PDF with extensive guidance on defending against all types of DDoS attacks used by threat actors today, advising system administrators to apply recommended mitigations.
Hacking group announces cyber warfare against Lithuanian targets
On June 21, a Russian hacker group called Legion – Cyber Spetsnaz RF announced on Telegram that it was launching a cyberwar against numerous Lithuanian groups.
Listed entities include large Lithuanian banks, logistics companies, internet providers, airports, energy companies, mass media groups and various state and ministry websites.
The group is an offshoot of Killnet, which attacked Romanian government websites in April and Italian state platforms in May.
Russian hackers hit Lithuanian websites via DDoS attack as the Lithuanian government enforces a limited blockade of cargo shipments between Russia and the Kaliningrad enclave. The Kremlin deemed the move aggressive and illegal, and hacking activists supporting the Russian government quickly planned and launched a cyberattack against Lithuania.
Security firm Flashpoint said the Killnet group targeted DDoS attacks including Lithuanian police departments, airports, and the government. Flashpoint researchers published a blog post on June 27 saying:
“On June 25, Flashpoint analysts observed discussions of a planned large-scale coordinated attack on June 27, which Killnet has dubbed ‘judgment day’. Flashpoint analysts assess with high confidence that today The reported attack was previously planned by Killnet. Based on our intelligence, smaller attacks were also observed prior to June 27, including one that occurred on June 22. Flashpoint analysts assess with high confidence, according to The ongoing discussion about Lithuania on Killnet-affiliated Telegram channels last week occurred after the Lithuanian government closed the border crossing route to Russia’s Kaliningrad region on June 18, and Killnet targeted Lithuania.
Notably, in a post dated June 26, 2022, Killnet labeled Lithuania as ‘a testing ground for our new skills’, adding that their ‘friends from Conti’ were eager to fight, possibly pointing to Killnet with extortion Links between software Conti, the ransomware group that also expressed allegiance to Russia at the beginning of the Russian invasion of Ukraine. “
With the frequent headlines of ransomware attacks and firms being attacked from all walks of life, cybersecurity is becoming an increasingly important issue for businesses to focus on. You must safeguard your data regardless of your industry. Only by maintaining the security of company data can we provide adequate protection for consumers and ourselves, as well as support the seamless functioning of businesses. Virtual machine backup is one of the most common data protection options these days. Many businesses use VMware Backup solution to preserve their data since it is simple to use and inexpensive.