View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
June 27, 2022updated 15 Aug 2022 11:56am

Russia-linked Killnet claims responsibility for Lithuania cyberattack

Killnet has claimed responsibility for the cyberattack that has affected government departments in Lithuania today.

By Pete Swabey

Russian cybercriminal group Killnet has claimed responsibility for a cyberattack that disrupted government systems in Lithuania. The group said the distributed denial of service (DDoS) attack, which also affected some Lithuanian businesses, is in retaliation for Lithuania’s blockade preventing goods passing from Kaliningrad, a Russian enclave, through its borders to the rest of the country.

The attack is the latest in a string of DDoS attacks on targets on either side of the Russia-Ukraine conflict. So far, however, more destructive cyberattacks have been less prevalent than many analysts had predicted.

Kaliningrad is an enclave connected to the rest of Russia through Lithuania, and home to Russia’s fleet in the Baltic sea. (Photo by castenoid / iStock)

Earlier today, Lithuanian media reported that multiple government departments and businesses were being subjected to a DDoS attack.

Speaking to Reuters, a spokesperson for Killnet said: “The attack will continue until Lithuania lifts the blockade. We have demolished 1,652 web resources. And that’s just so far.”

Why is Killnet targeting Lithuania?

Earlier this month, Lithuania imposed a blockade restricting the transport of steel and other metals between Kaliningrad and the rest of Russia through its borders. Russia’s naval fleet in the Baltic sea is based in Kaliningrad.

Lithuania’s government has said it is simply adhering to EU sanctions against Russia, but Moscow – and other observers – have warned the move risks escalating the war in Ukraine.

Today, the country’s state-owned airport said its systems had been disrupted but continued to operate. The Lithuania tax department said its website and phone systems were down but reassured citizens that their data was secure. And the immigration department said that passport applications had been slowed down by the DDoS strikes.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Lithuania’s Prime Minister Ingrida Šimonytė told reporters that the country had been subjected to DDoS attacks since Russia’s invasion of Ukraine in February. “This is not something new,” she said.

What is Killnet?

Killnet is a cybercrime group that is sympathetic to Russia. It emerged earlier this year as a DDoS-as-a-service tool, allowing customers to rent botnet access for $1,350 a month, according to researchers at threat intelligence provider Recorded Future.

After the start of the war, however, the group behind the service turned to politically motivated hacktivism in support of Russia. In April, it was identified by the Five Eyes security alliance as one of a group of cybercriminal gangs that had lent their backing to Vladimir Putin’s regime.

That month, it claimed responsibility for a string of DDoS attacks on Romania’s government and in May the hacking group ‘declared war’ on ten countries, including the US, UK, Lithuania and Romania.

Russia’s invasion of Ukraine has been accompanied by a number of DDoS attacks on targets on either side of the conflict. Hacktivist group Anonymous has claimed responsibility for DDoS attacks on various Russian targets, including state-run media company RT.

Destructive cyberattacks providing tactical support to military operations have not been as prevalent as many analysts had predicted, however. This may be because the opportunities to execute such attacks are hard to come by, experts told Tech Monitor last week, and because Russia might be reluctant to use up its stockpile of zero-day vulnerabilities.

Read more: The war in Ukraine is showing the limits of cyberattacks

Topics in this article : ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.