Cyber Attacks on Lithuania


Lithuania’s institutions were hit with cyber attacks days after Moscow promised to retaliate over Kaliningrad transit sanctions, writes In a statement on June 27, the Defence Ministry said an “intensive” DDoS (Distributed Denial of Service) attack was targetting “the secure national data network, other Lithuanian public authorities and private companies”.

Killnet, the Russia-affiliated hacker group that has claimed responsibility for the attack on Lithuania, has been posting on its Telegram account information about planned and executed (DDoS) attacks.

In a video message, the group says it has launched the attacks in retaliation for the restrictions imposed by Lithuania earlier this month on the transit of sanctioned goods to Russia’s Kaliningrad exclave. After EU sanctions against Russia took effect, Lithuania restricted the transit of steel and ferrous metals. Russia has accused Lithuania and the EU of violating international agreements, threatening a “non-diplomatic” response.

As of June 27, the State Tax Inspectorate (VMI) put its IT systems on hold for security concerns after recording an unusually high number of logins. “Please be advised that VMI customers’ data is secure,” the tax authority said. “The VMI website, the My VMI system and telephone services are currently down.”

Evelina Gudzinskaitė, director of the Migration Department, confirmed that information system disruptions were causing delays in the issuing of passports and residence permits in Lithuania.

Tadas Vasiliauskas, spokesman for Lietuvos Oro Uostai (Lithuanian Airports, LOU), reported that the state-owned company’s websites had experienced some disruptions, but the systems are functioning. In its Telegram account, the Killnet group identified websites of businesses providing document management system services as its targets.

The Lithuanian National Cyber Security Centre last week warned about an increase in DDoS incidents. State-owned Lietuvos Geležinkeliai (Lithuanian Railways) then said it had been hit with cyber-attacks. Prime Minister Ingrida Šimonytė noted that such attacks had been recurring since Russia’s invasion of Ukraine in early February. “This is not something new that we have not experienced since the very beginning of the invasion, because there have been attacks during these four months and before,” she told reporters.

Last week, Lithuanian Defence Minister Arvydas Anušauskas did not rule out that the attacks could be linked to these disputes. As of June 27, the websites of the Lithuanian Foreign Ministry and the State Tax Inspectorate (VMI) remain inaccessible.