The Lithuanian Ministry of Foreign Affairs (URM) announced on Wednesday that it had observed an attempt to perform an information-cyber-attack. According to Lithuanian President Gitanas Nausėda, certain indications suggest that classified information was leaked during the cyber-attack, but it is currently unclear what its scope was.
This was discussed on the tv3.lt show Dienos Pjūvis on 13 September with cyber-security specialist Darius Povilaitis and foreign policy expert Albinas Januška.
If it is confirmed that there really was an attack, what harm could the stolen documents cause us?
A. Januška. It is odd that the president was not aware of such matters. He suddenly announced that a cyber-attack was perpetrated and that there are classified documents involved. Another matter is that this is something of a confirmation of the documents’ legitimacy despite ourselves being uncertain as to whether this will definitely be the case with the documents, which were stolen and will be displayed and accessible.
Clearly, if, as the president says, the documents will be marked “classified” and we do not know if they are real or not, this will cause vast damage to trust in the Ministry of Foreign Affairs and the state among NATO and European Union allies. Lithuania will have much explaining to do and, of course, it will be interesting for many in Lithuania to read it, while the world will be able to read the documents, some fake and some perhaps real, about secrets and statements.
In this sense, a scandal akin to WikiLeaks is drawing close and it entails vast harm to Lithuania if Lithuanian officials act this way. We had to learn a lesson from the USA never recognising any of the WikiLeaks documents and never commented on them – it’s the only way out from such announcements and from parallel falsification.
Mr Povilaitis, could it be that Lithuania was unaware of the attack and only found out once the data was released?
D. Povilaitis. Yes, from experience, it is typically observed when someone announces it or if the “attackers” perform an action, a mistake during the attack, which crashes the systems. These are the two most typical cases when attacks are noticed.
The targeted organisations must have competent human resources for monitoring these matters. It is probably no secret that there aren’t that many such resources in either Lithuania or even the USA. I believe that the problem was observed when either certain systems malfunctioned or when the information was leaked.
Mr Januška, what might the purpose of these attacks be? Usually, the matter of inciting distrust in state institutions is brought up, but perhaps you perceive some specific goal?
A. Januška. The aim is to discredit Lithuania. […] It could be that announcing the documents is a part of a hybrid attack. Some of them might be real, but we won’t be able to tell which and some might be fake, edited. This is simply an act of discrediting the state as part of a hybrid attack.
If we can’t somehow prove to our partners that this is fake, there could be a crisis of distrust in Lithuania and its document protection system. It is a massive blow to the state and we will have to draw very serious conclusions from it.
It is odd that the institutions, which are tasked with security, keep the system at such a level to this day.