VILNIUS and KAUNAS, Lithuania — Lithuania is rising to the top of those countries taking charge of their cybersecurity, and it’s development in cyberspace may benefit the rest of Europe and the United States.
Lithuania has reason to focus on cyberthreats: It’s no secret Russia targets the Baltic states with cyberattacks and disinformation campaigns. Though Lithuania saw a decrease in the number of total cyber incidents recognized last year, the country is reporting that the number of sophisticated cyberattacks increased by 41 percent. Those malicious incidents include malware, system intrusion and compromised systems.
On average, the country sees 55,000 incidents each year — roughly 150 incidents a day — which is a lot when compared to population numbers in Lithuania, a government official told Defense News on an Atlantic Council-organized fact-finding mission in May. Presentations and meetings were conducted under the Chatham House Rule, so the individual cannot be identified.
Lithuania has made cybersecurity a top priority and, because of its efforts, is recognized as one of the best prepared countries when it comes to cyberspace, only behind the United Kingdom, the U.S. and France, according to the Global Cybersecurity Index.
A team built around the alliance's Communications and Information Agency, NCI, is the defending champion at this year's "Locked Shields" event.
Lithuania officially adopted a national cybersecurity strategy in August 2018, which is aimed to keep cyberspace for both the public and private sectors resilient against attacks.
Through the strategy, Lithuania has taken several unique routes in its approach to cybersecurity, including charging the Ministry of National Defence with the sole responsibility of setting cyber policy. This has improved the organizational cybersecurity framework, the ministry reports.
The government is also building a secure state data-transfer network that is not linked to the public internet, which will be able to operate even if the public internet goes down, whether caused by a large-scale cyberattack or a natural disaster, in order to secure data and maintain reliable communication.
The strategy also promotes the development of cyber defense capabilities, so in 2018, Lithuania, in cooperation with the United States, established a regional Cyber Security Center in Kaunas that will partially focus on research and development of next-generation capabilities, including the design of hardware to prevent cyberattacks.
The Cyber Security Center is located in a nondescript office building adjacent to a busy skate park. It’s still a work in progress, with much of the floor space empty and awaiting expansion, but a small room of staff were already busy at computers and 3D printers, building hardware and software tools aimed at preventing cyberattacks.
One reason the center is focused on building its own hardware-based tools is because that approach is more secure, an official noted. The center has seven full-time staff members and two interns, and it is supported by the Pennsylvania National Guard, which will have personnel stationed at the center.
In addition to research and development, the center is also focused on training with partners and allies and conducting cyberthreat analysis.
The center is particularly interested in artificial intelligence and how that can enhance cybersecurity, real-time encryption and embedded-systems development, launching some of these R&D efforts last year and earlier this year.
By 2020, the center hopes to incorporate AI sensors into Lithuania’s core governmental network.
Work from the center has already made the Lithuanian elections process more secure, an official reported.
NATO has led a lot of the cyber efforts in Europe, but an exercise led by the European Union will focus on how governments coordinate across markets on cyber response.
Lithuania’s focus on cybersecurity isn’t just insular. The country participates at the international level by leading the European Union’s permanent structured cooperation, or PESCO, project on cyber rapid response teams and mutual assistance in cybersecurity.
PESCO is part of the EU’s security and defense policy that pursues structural integration among armed forces.
Lithuania and other EU countries are creating a common capability to respond to cyberattacks by developing a cyber toolkit that will support EU members in times of need, the Lithuanian MoD told Defense News in a statement.
In addition to developing cybersecurity tools, conducting research and holding exercises, it is foreseen that the regional Cyber Security Center in Kaunas might also serve as a subdivision of the EU cyber rapid response teams.
But challenges remain, and they’re not unique to Lithuania. The country acknowledges that technological solutions can’t fully counter new vulnerabilities. Cyberattacks against Lithuania are becoming more sophisticated, the MoD acknowledges, and have been associated with hybrid threats, where attacks were conducted in parallel to information warfare.
All of this is compounded by a growing number of devices in the country.
Social engineering methods are also being used actively and in different forms, the MoD reports, and the government networks and critical information infrastructure continue to be the most attacked sectors by malware.