In the dispute over transports to Kaliningrad, Russian hackers have now dared the first big blow against Lithuania: A gigantic cyber attack paralyzed authorities and companies.

The dispute between Russia and Lithuania continues to escalate. After the Baltic state began implementing EU sanctions and blocked the transport of goods such as steel to the Russian enclave of Kaliningrad, Russia threatened consequences, including military ones. The first stage has now been reached: Lithuania was hit by a large-scale cyber attack.

This was confirmed in a statement by the authority responsible for such attacks, the National Cyber ​​Security Center (NKSC). According to the authority belonging to the Ministry of Defense, the state network for secure data transmission, other state agencies, but also private companies were hit by a DDoS attack. This ensured that numerous users of the state data transmission services could not log in. The service is intended to enable critical institutions to continue operating in the event of a crisis or war.

The perpetrators are old friends

A hacker group, which is anything but a blank slate, claimed responsibility for the attack: Killnet has taken a clear position since the attack on Ukraine in February and has repeatedly targeted targets that are perceived as enemies of Russia. Even when members of the group began boasting about the attack on Lithuania on Telegram, they explicitly cited the blocking of transport to Kaliningrad as the background to the attack.

Security researchers confirm that the group began preparing for a major attack on Monday since Saturday. The action was therefore referred to internally as “Judgment Day”. Flashpoint analysts are confident that the group is actually behind the attack.

Waiting for the big hit

They also rate the attack as highly problematic from a second perspective: Killnet sees it primarily as a test run. The attack was “a test scenario to try out new skills,” according to the internal group chats. The allied group Conti is “hot to fight”.

The Lithuanian side expects it’s not over anyway. Although they are on the way to fixing the problems, it is “highly likely that similar or even stronger attacks will follow in the next few days,” the statement quotes cyber security chief Jonas Skardninskas as saying. The communications, energy and financial sectors are rated as particularly at risk.

Sources: NKSC, Flashpoint