Cyber attack targeted Lithuanian defense minister

Defense minister Raimundas Karoblis and government institutions were the targets of a small cyber attack against Lithuania on Thursday.

The attack consisted of three different elements. First institutions from the government, ministries, and embassies received emails containing an attached file with a virus. Then at 19.15 hackers took over the website tv3.lt and posted a fake news story discrediting defense minister Karoblis. The story was online for about five minutes before the TV-channel managed to remove it.

The fake story was written in decent Lithuanian, according to delfi.lt. It claimed that Karoblis had sexually harassed a (male) journalist and at least eight anonymous diplomats. The hackers attacked from a server in Saint Petersburg.

The third element of the attack was another fake news story that appeared on foreign websites claiming that Lithuania had introduced sanctions against Mongolia. Apparently this gave the Lithuanian diplomacy some extra work, and they consider it a conscious provocation.

Karoblis is known as an avid advocate for a tough military line against Russia. It is suspected that the cyber attack is a response to Lithuania’s so-called Magnitsky list which was published on Monday. This list bans 49 named Russians from Lithuania.

A military reserve of cyber security experts

Monica M. Ruiz argues in War on the Rocks that the Estonian voluntary Cyber Defense Unit is a model that the United States should implement. I think this is a great idea for many countries, including other countries in the Baltic region.

The idea is that citizens who are specialists in cyber security or have other information technology skills can volunteer for the Estonian Defense League. When necessary, they can contribute to protect the online infrastructure of the country and participate in crisis management. …Continue reading

Russian military moves from Windows to Linux

The Russian military has decided to move away from Microsoft Windows on all computers. The decision is grounded in security concerns connected with using an operating system that is produced abroad. That reports Izvestia.

Instead there will be installed a version of Astra Linux on all computers in the Russian Armed Forces. LibreOffice will be used as office suite. …Continue reading

Latvia more vulnerable to disinformation than other Baltic States

Latvia scores lower than the other Baltic States on the Disinformation Resilience Index (via icds.ee):

Estonia, Latvia, and Lithuania: who is better equipped to counter disinformation? Estonia developed noticeably higher quality of systemic responses to disinformation campaigns than the other Baltic States. Lithuanians are much less exposed to Russian media environment as Russian-speaking part of population there is many times less numerous. While Latvia does relatively worse than the other two neighbors in withstanding the information threats.

You have to practice being jammed

Estonian intelligence chief Kapo Rosin has an assessment of the Zapad exercise and Russian doctrine in Defense News:

The exercise basically [addressed] two factors. First, how to jam the enemy, which is logical; and second, how to operate [within those] conditions themselves. They of course know that an electronic field is both a challenge for them and a possibility, since Western militaries are very dependent on different electronic communications, reach back and so on.

They know that if they can attack it successfully, then they get the advantage in some fields; and they also know that the NATO is also technically advanced and has its own capabilities. So, the conclusion with Russians is they have to know how to operate under such conditions themselves. You need different skills, procedures and so on to conduct a successful war under those [circumstances]. You have to learn how to command your military with a paper map. So they did that, and I think they are definitely ahead of us [there].

Interesting concept to be ahead by being old fashioned.

Denmark reopens listening post to eavesdrop on Russia

The Danish Defense Intelligence Service is building a listening post on the island of Bornholm in order to eavesdrop on Russian radio communications. That reports Danish newspaper Politiken.

The mast will be 85 meters high, and the newspaper writes that it will be focused on the VHF frequency band. That sounds like a very narrow purpose, so I think it is safe to assume that the mast is also equipped for other frequencies.

A similar listening post was closed in 2012 because it was considered irrelevant to listen to Russian radio traffic in a security climate where international terrorism was seen as the threat. At that point the decision got some critique because it happened just after the defense had modernized the listening post for 23 million DKK.

In connection with the decision to close the listening post in 2012, former commandant of the Danish Defense Academy major general Karsten Møller said that it had been clear since the mid 1990s that there were no serious military threats is Eastern Europe:

“The Russian forces were in a terrible condition, the Warsaw Pact had broken down, and the Baltic Fleet was basically rusting up idly. But when the listening post was allowed to exist for so long, it has probably been a result of local politics as well. At the same time some people in the military continued to have a Cold War mindset and were not convinced that it was over.”

What a difference a few years can make.

Jamming of phones and GPS during Zapad causes concerns

Did Russia jam GPS signals in Norway and phone services in Latvia and Sweden and during exercise Zapad in September? Apparently there are many indications that they did, and now Secretary-General of NATO Jens Stoltenberg has expressed his concerns about the Russian demonstrations of electronic warfare capabilities.

Ideally, military units have redundant systems so they are able to continue operations despite the application of electronic warfare on the battlefield. This may not always get enough attention during exercises, but at least military units are aware that electronic countermeasures exist, and they have some kind of prepared response to it. Military ships, for example, should be able to navigate safely without GPS.

The civil society is much more vulnerable. For most people cellular phones are crucial in emergency situations, and effective GPS jamming could be dangerous for transportation systems, potentially leading to accidents.

Suspicions are that the Russian GPS jamming in Norway was applied in order to disrupt their own forces during training, whereas the phone jamming in Latvia and Sweden was perhaps a deliberate attempt at disturbing these countries. Regardless, it is dangerous to apply such measures, and it shouldn’t be done without prior notice. The Latvian emergency phone service was shut down for several hours, and although there are no reports of anybody not receiving necessary help during the attack, real people could have suffered as a result.

Nordic countries enhance cyber collaboration

Nordic countries are enhancing collaboration about cyber defense. Sweden, Denmark, Finland, and Norway have agreed to develop capabilities under NORDEFCO. And apparently Finland is taking the lead.

Gerard O’Dwyer writing for Fifth Domain:

Within NORDEFCO, Finland has taken the lead role to develop Computer Emergency Response Team capabilities that have the capacity to better protect Nordic defense IT, core force systems and critical infrastructure against cyberattacks.

The deepening of Nordic collaboration is running parallel to increasing defense and hybrid threat cybersecurity investments by governments in all four countries.

Election fraud story, German edition

Maks Czuperski has a fascinating look at the role of Russian botnets in the propagation of fake stories about election fraud in Germany:

Comments from the fringe on the eve of the German election took various forms, including official posts, posts from probable fake accounts, and bot amplification. While no evidence of fraud was presented in the posts, the narrative they all spread is the same: the AfD is in danger of election fraud, and its members should be on the alert to prevent it.

This behavior seems pitched to increase tensions, not least in the polling stations and counting areas. Should the AfD fail to perform well at the urns, it is likely to lead to online accusations of election fraud, potentially undermining the legitimacy of the vote.

The line between war and peace is getting hard to define.