Kremlin cyber gang targets NATO meeting place website


Threat group NoName has taken credit for taking down several websites in Lithuania, including the exhibition center LITEXPO, where the NATO summit is currently taking place. The attacks have also disrupted the NATO multimedia website and several websites of Lithuanian water, district heating utility companies.

Russia’s cyber villains are working hard to help their Kremlin masters as the NATO summit in Vilnius begins. A few more websites were taken offline after the initial attacks on Monday.

NoName claims that it managed to shut down the website of the Lithuanian exhibition and congress center LITEXPO, where the meeting is hosted. However, the website, at the time of writing, was working fine.

ADVERTISEMENT

Some utility companies in Lithuania’s capital Vilnius were less successful in keeping their websites online.

The website for Vilnius’ water supply company, vv.lt, remains unavailable, and the district heating company’s website, chc.lt, also appears to be affected.

Among the more notable targets was NATO’s multimedia website natomultimedia.tv, unavailable at the time of writing, along with a few other nato.int subdomains.

The day before, attackers were focused mainly on the public transport websites of Vilnius. Some of those struggled to load, even on Tuesday. Public transport is free during the summit, and information is usually provided on third-party apps like Google Maps or Trafi.

Kremlin attention on Vilnius is not accidental, as the leaders of NATO member countries have gathered to discuss here, among other things, Ukraine’s possible entry to the Western defense alliance.

It should be stressed that the attacks are carried out by the DDoS method. DDoS stands for Distributed Denial of Service. During DDoS attacks, vast numbers of “bots” from multiple locations try to connect to the same server until it is unable to respond to all requests. Legitimate users then cannot access the needed services.

DDoS attacks rarely cause long-term damage as the physical infrastructure is not affected. DDoS attacks are regarded within the cyber community as more of a short-term nuisance.

ADVERTISEMENT

The National Cyber Security Center of Lithuania (NKSC) also recorded two cyber incidents related to radio broadcasting. On July 9th, one illegal broadcast was stopped on a local regional radio station. Later another incident happened in the shopping mall where the music streaming service was hijacked and reprogrammed to play pro-Russian propaganda.

"Currently, as we speak, DDoS attacks against our country are taking place once again," said NKSC head Liudas Ališauskas on Monday. He urged residents of Vilnius to remain vigilant over the coming days spanning the NATO summit, think critically, and report anything suspicious to the relevant authorities.

“This is not the first time hybrid attacks, when a cyber incident is used to spread disinformation, have been recorded in Lithuania,” he said. “Institutions are skilled in responding to such attacks, but joint action with the public will provide the greatest effect in preventing their spread.”