2024-07-25 19:38:18
Cyber security expert Marius Pareščius, Dr. Šarūnas Grigaliūnas, and Baltimax cyber security engineer and ESET specialist Lukas Apynis.
Friday’s incident
Friday’s events revealed how easily a single untested software update can disrupt global business and government processes.
“Someone made a mistake, and then the whole world was on its knees,” M. Pareščius briefly described the situation. “For the end user, it seemed like a small nightmare: the airlines stopped, the work of companies stopped. People sat and waited for something to get better.”
The cyber security expert explained that this situation occurred because, after the update was installed, servers began to malfunction, causing computers to shut down and the operations of some businesses to stop.
“If these were servers that serve, for example, ambulances, traffic lights, water supply, food supply – everything would simply turn off and not work,” M. Pareščius said about the consequences of this type of error. He added that this could also happen in the energy sector.
Preparation of sectors
Š. Grigaliūnas noted that many airlines and companies in other sectors were not prepared for such incidents because they did not have a proper business continuity plan.
He said that these situations showed that many measures are “only on paper”, which, according to the expert, is “a huge problem in Lithuania as well”.
L. Apynis agreed, saying that “the business continuity plan is a great test for organizations. If they don’t have such a plan, when a disruption occurs, you will see it.”
“Everyone has a plan, only that plan is useless: we don’t have the means, we don’t have the people, and we don’t even make attempts to implement that plan. It is necessary to create a new plan that would help implement the existing one,” M. Pareščius added to the other experts’ remarks.
Compensation for losses incurred
Speaking about the damage suffered by corporate clients, M. Pareščius emphasized that such losses are always compensated; the important thing is to demand compensation.
“Incurred losses are primarily compensated according to what is written in the purchase and sale conditions. In this case, if you bought an airline ticket, the airline or the company that insured the airline will be liable. Or according to the general rules in Europe or the USA,” said the cyber security expert.
However, he emphasized that it “is not adapted to our economy in Lithuania”.
“Because eHealth is not working, no one will be liable; because traffic lights are not working, no one will be liable; because some railway stopped and no cargo or people were transported, probably no one will be liable either,” said M. Pareščius.
Amendment of the law
The show’s participants drew attention to the new amendment to the cyber security law and the importance of corporate responsibility.
Š. Grigaliūnas said that data is an asset and it should be evaluated properly.
“Many organizations and managers still do not assess their assets properly, and therefore do not assess the risks,” the expert said. He emphasized that on October 17 an amendment to the cyber security law will enter into force in Lithuania, which will oblige organizations to respond to incidents in a timely manner; otherwise, large fines will follow.
L. Apynis added that the amendment to the law will oblige company managers to take action.
“There are different managers, and some don’t understand the value of data; they think the tangible, physical things are important and what’s in the cyber world is not. Now the law encourages them to do something because they can be punished,” the cyber security engineer explained.
However, L. Apynis noted that it is important that someone from the outside audits organizations to check whether they really follow the law.
“We’ve seen some customers buy a security or data leak protection solution, legally tick the checkbox for it, but not even install it for half a year. It is important not only to have laws, but also to check their implementation,” he explained.
M. Pareščius also expressed his support for the amendment of the law: “It needs to be done now, because we are becoming cyber weapons.”
Not the first time
“This is certainly not the first case on the market, we have many examples,” said Š. Grigaliūnas.
“Problems repeat themselves,” L. Apynis agreed.
Experts also provided examples of very similar situations.
“About a couple of months ago, the same company had a similar situation with Linux operating systems. Administrators of server stations, in other words servers, gritted their teeth and endured this situation. Yes, servers have greater availability, they have resets, they have automations, so it was easier to roll it back,” said Š. Grigaliūnas.
“The current head of CrowdStrike previously worked as a technology manager at McAfee, a security company, and had the same issue with Windows XP computers there as well. That company also suffered huge losses and ended up having to sell itself to Intel,” L. Apynis recalled.
M. Pareščius noted that “updates are one of the biggest cyber security holes today”. He recalled a case from 2017, when Ukraine was attacked by the NotPetya virus, which came as a software update.
“The software product used by accountants, which is designed to fill out declarations, received an update one day – it encrypted all accounting data,” said M. Pareščius.
The worst cyber attack scenario
When asked about the biggest and most terrible cyber attack that could happen in Lithuania, M. Pareščius presented a scenario of an attack against electric cars.
“Let’s take all the electric cars that have autonomous driving, let’s hack them and go for a ride around the city of Vilnius. They may follow traffic rules, they may not. Green traffic lights can be specially activated for them. All of Vilnius will be closed. In that case, you won’t do anything,” said the cyber security expert.
Cyber Security Tips
Speaking about Friday’s incident, experts agreed that to avoid disruptions caused by software updates, it’s important to test them first in a safe environment.
However, in general, they emphasized that organizations, the state, and each individual should take care of cyber security.
“When a new employee comes in, why do we train them in firefighting and first aid, but not in cyber resilience? This should become a natural action in every organization, including private companies. We would reduce surprises,” Š. Grigaliūnas said about companies’ obligation to educate employees.
He also noted that “in the state institution, 10 percent of the income must be dedicated to protecting information – if this percentage is lower, it means that the organization is completely insecure and its risk of data loss is obvious.”
M. Pareščius also emphasized the role of the state in cyber security: “The state must start investing money in various technologies, in the creation of innovations in Lithuania and their implementation, and in people’s education.”
The cyber security expert also indicated what cyber security measures each of us could take individually:
“Password policy: if you use a bunch of websites and apps, you should have a different password for each one. Passwords must be changed every six months, and they must consist of letters, numbers and special characters. Their length is no longer eight characters, but twelve. Stop using paper and some algorithms in your head to remember passwords – there are apps for that.
Social networks and all other products that use passwords: enable two- or multi-factor authentication. Treat social networks like your bank account, because they can also cost you money,” advised M. Pareščius.