Hackers linked to Russia and Belarus increasingly target Latvian websites, officials say
Politically motivated hackers linked to Russia and Belarus are targeting Latvian government and critical infrastructure websites in a new wave of cyberattacks, according to Latvian cybersecurity officials.
The goal of the attacks is to disrupt access to websites rather than to steal sensitive data, said Baiba Kaskina, head of the Latvian сomputer emergency response team (CERT), in an interview with local media.
Hackers aligned with Russia and Belarus have ramped up their attacks on Latvia since Moscow’s invasion of Ukraine. In an interview with Recorded Future News two years ago, Varis Teivans, the deputy manager of Latvian CERT, said that pro-Russian hacktivists and nation-state hackers were targeting local government, critical infrastructure and private businesses.
This August, the attacks have increased again, according to Kaskina, and are likely related to Latvia’s new aid package to Kyiv, which includes drones and air defense systems.
“After another aid package was awarded to Ukraine, these attacks were quite expected. They also occurred in previous years — during various holidays and following political decisions," said Vineta Sprugaine, a representative of the Latvian State Radio and Television Center.
Most of the incidents were distributed denial-of-service (DDoS) attacks, which only managed to temporarily slow down the operation of targeted websites. According to Kaskina, the volume of these attacks could be “very large,” and they are “well customized” to the targeted websites.
Earlier in August, Latvia reported a large-scale attack on the Unified Website Platform (TVP) — a centralized management system used to create and maintain state and local government websites. The attack, which persisted for nearly two days, disrupted the operations of many state institutions, including the website of the Cabinet of Ministers.
Intensīvu kiberuzbrukumu dēļ Tīmekļvietņu vienotās platformas (TVP) mājaslapās periodiski novērojami darbības traucējumi - lēndarbība vai vietņu nepieejamība.
— Valdības māja (@Brivibas36) August 20, 2024
Šobrīd TVP darbība vērtējama kā stabila.
Atbildīgie dienesti turpina risināt situāciju, lai pilnībā atvairītu uzbrukumus.
Latvian cybersecurity services attribute the latest attacks to politically motivated hackers — hacktivists — “who very openly support Russian aggression and policy.”
Russia-linked hacktivist groups such as NoName057(16) and Anonymous Guys claimed responsibility for the recent attacks on Latvian websites. “We continue to punish Russophobic Latvia for aiding the criminal Kiev regime,” NoName057(16) wrote in a statement on Telegram.
Kaskina said that Latvia was “well prepared” for the Russian cyberattacks, but they still could be difficult to fight against since hackers frequently change their targets and adapt their techniques.
She called Russian attacks on Latvia and other Baltic states part of a “hybrid war” meant to “create panic in society and undermine trust in state institutions.”
“Sometimes we win, sometimes they win,” Kaskina said, adding that the website malfunctions “are a small price to pay for supporting Ukraine's fight for freedom.”
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.