In a rare statement posted to its website, SAB said that like the Netherlands - which recently went public with claims it had been subjected to cyber-attacks from the Russian Federation - Latvia too had been targeted several times, naming Russia's GRU military intelligence service specifically as the perpetrator.
"The cyber attacks in Latvia were carried out by the GRU for espionage purposes, and the most frequent attacks were directed against state institutions, including the foreign and defense sectors. Rarely, attacks were targeted at private companies, including the media. The essence of cyber-attacks carried out by GRU is to enter an information system, operate in it unnoticed, and obtain long-term data from the system - for example, regular access to e-mail correspondence and documents processed at the workstation," SAB said.
The GRU frequently uses "phishing" techniques, in which a target is lured to click on a certain link, to gain access to computers, SAB said.
SAB gave no details about the number, duration or effectiveness of the attacks and offered no specific evidence to back up its assertion other than referring to evidence compiled by the US authorities in connection with Russian attempts to manipulate the 2016 presidential election in that country.
"Not only the GRU, but other Russian intelligence and security services, are campaigning against Western interests in cyberspace. Cyber activity has become a routine part of Russian politics, which accompanies almost all of Russia's foreign and military activities in different regions of the world. Russia's agility and readiness to use it in recent years has grown substantially and is one of the fastest growing threats. However, there are also positive trends at the same time, as responsible institutions in the West are investing more and more resources in cyber security. The capacity of national security institutions to identify the cyber attacks of foreign special services has also increased in Latvia, measures to strengthen the IT infrastructure have been implemented, and the general understanding of cyber security issues has increased," SAB said.
No cyber attacks by Russian military intelligence were observed that would have had any impact on the recent Saeima elections, SAB added.
As previously reported by LSM, the Draugiem social network was hacked on election day with Russian nationalist messages posted, but who performed the hack and why has yet to be established.
SAB was founded in 1995 and its main tasks include intelligence, counter-intelligence and protection of official secrets. As the National Security Authority SAB also ensures protection of NATO and EU classified information in public institutions engaged in work with such information.
Coincidentally the SAB release comes one day before today's "Cyberchess" cyber-security conference run by CERT.lv, the national cyber-security agency, which is taking place in Rīga and can be watched online. The main working language is English, though some presentations will be in Latvian.
In opening comments to the conference, Defense Minister Raimonds Bergmanis complained that Latvian media didn't give prominent enough coverage to the Russian cyber attack on Netherlands last week.