Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Security Operations

Lithuanian Energy Firm Experiences DDoS

Baltic Nation Feels Effects of Rising Western Tensions With Russia
Lithuanian Energy Firm Experiences DDoS

A state-controlled energy holding company in Lithuania experienced a cyberattack disrupting online services amid mounting geopolitical tensions caused by Russia's invasion of Ukraine.

See Also: OnDemand | Where Did the Hackers Go? They Ran(somware): Insights into Ransomware Recovery

No critical infrastructure systems were damaged by the distributed denial-of-service event, Ignitis Group stated in a weekend social media post.

Even as the attack has subsided, the Ignitis Group warned that threat actors continued to probe for an opening. Cloudflare is providing DDoS protection to the company.

Lithuania has faced a spate of intensive DDoS attacks over the past few weeks from Russia-supporting hacktivist groups (see: Lithuanian Government Issues DDoS Attack Alerts). A top Ministry of National Defense official earlier this month tweeted that Russia has placed his country under intensive DDoS pressure, saying Lithuania will "give a diplomatic response and … hold those responsible accountable."

"We experience attacks all the time. For the last few weeks we experienced DDoS attacks, but it did not affect our websites," an Ignitis spokeswoman told Information Security Media Group. "On Saturday night around 3 am the intensity of the attack was increased and we experienced malfunctions in our websites. Around midday we resolved the problems and suppressed the attack."

The Baltic country is a main supply chain chokepoint for the Russian exclave of Kaliningrad. Last month, it banned the transit of materials sanctioned by the European Union, including coal, metals and advanced technologies, leading to angry accusations from Russia that Kaliningrad is under siege. EU and Lithuanian officials say that passengers and nonsanctioned goods may continue to transit Lithuania and call the accusations part of larger pattern of Kremlin disinformation.

Attribution to Pro-Russia Actors

The pro-Russian Killnet hacker group claimed responsibility for the attack on Ignitis on its Telegram channel.

"The network infrastructure of the Lithuanian company "ESO" [a subsidiary of Ignitis Group] has been blocked. 100% of the entire ecosystem [affected]," the group says in the post.

Post on Killnet's Telegram channel describing the DDoS attack on Ignitis Group's ESO subsidiary (Image: Telegram)

The attack was a "publicity" stunt, Margiris Abukevicius, vice minister at the Ministry of National Defense of the Republic of Lithuania, reportedly told local news radio station Žinių Radijas, reports Baltic online portal Delfi.

"Publicity is a very important part of these attacks. If we don't talk about them, the other side will lose motivation. When we talk about alleged victories, about alleged punishment of Lithuania, it's motivating the other side," Abukevicius said.

About the Author

Mihir Bagwe

Mihir Bagwe

Principal Correspondent, Global News Desk, ISMG

Bagwe previously worked at CISO magazine, reporting the latest cybersecurity news and trends and interviewing cybersecurity subject matter experts.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.