Cyber-attack targeted more than Latvia's health system

An apparent cyber-attack which briefly shut down Latvia's online health system two weeks ago involved attacks on other agencies as government departments as well LTV's De Facto investigative show reported January 28.

Simultaneous with the e-health system cyber-attacks were attacks directed against the State Revenue Service (VID) information system and the home page of the Cabinet of Ministers, effectively the website of central government. The attacks were not successful and did not affect the functionality of the respective sites, despite being in some ways more powerful than the attack on the health system, De Facto reported.

"Most users did not even notice the attacks... But I have to admit that in the last few weeks there has been increased [cyber-attack] activity, and there is no explanation as to why this is so. But most of them have been repulsed successfully," Varis Teivans, Deputy Head of CERT.LV, the national cyber-security agency, told De Facto.

At the moment, it is still being investigated who actually carried out the attacks and what their purpose was. There are several possibilities, from people within the system who are unhappy about the way e-services have been introduced and want to highlight their problems to the more obvious explanation of a hostile foreign power with online resources wanting to portray Latvia as a failed or shambolic country.

However, Teivans said it was also possible the attacks on the various institutions might have various different reasons behind them: "This example could also be politically motivated, or maybe it has some other motivation behind it. You can analyze quite a bit and try to draw on the specific needs of those who stand behind the action. "

Attackers tend to buy this kind of fairly crude service on the illegal or dark market. Some estimates suggest that an attack similar to the one that took down e-health, might start from just 80 US dollars. But a specifically targeted, powerful attack can cost thousands and even millions.

The media and public institutions have already been targets of foreign cyber-attacks by specialist services, the Constitutional Protection Bureau, Latvia's secret service, has revealed in its most recently published activity report. 

In Saeima election year, the importance of cyber-security issues in Latvia will increase and the battle for votes ahead of October's parliamentary election will play out in the digital environment without doubt.

We do not yet have information that would indicate that a foreign country wants to intervene in the Latvian electoral system. But I think we will be ready for it," said Ints Ulmanis, Deputy Chief of the Security Police.

Speaking about possible foreign influence, the Security Police Representative does not exclude that the greatest risks could come from Russia. There is currently no sign of direct outside intervention though.

The Ministry of Defense is also keeping a watchful eye on the situation.

"What we have seen in the last few years - these cyber operations are connected with informational operations," states Janis Garisons, State Secretary of the Ministry of Defense, who is also chairman of the National IT Security Council. According to Garisons they often have a clear military or strategic dimension when they involve the dissemination of fake news, for example.

Cybersecurity expert Kirils Solovjovs told De Facto, political parties would do well to check the security on their websites in light of the current threat and regard investment in cyber-security as much cheaper than responding once an attack has already happened.

"There is still a risk for a large part of the so-called old parties that their websites may be cracked and in part that third parties may access their internal correspondence or internal circulation of documents. And unfortunately, as far as I know, nothing has been done. But, realizing how parties function in Latvia, this is probably understandable. Financially, if they can, it is calculated that the amount of money needed to arrange security in this regard is less than what will be needed for advertising if something happens - some kind of [fake] entry on the website - some nonsense, and then you will need to withdraw it and apologize to the public," said Solovjovs.

The Ministry of Defense, along with CERT.LV, is still hoping to create a so-called white hacking register that could test national information systems for vulnerabilities, but so far there is a lack of support from other agencies, De Facto said.

Seen a mistake?

Select text and press Ctrl+Enter to send a suggested correction to the editor

Select text and press Report a mistake to send a suggested correction to the editor

Defense
Society