SOCshare: cyber threat tendencies in Lithuania during December 2023

Ransomware – the most popular attack type in Europe  

According to ENISA, ransomware attacks are one of the most common types of cyber incidents in Europe. 2022 was a year when ransomware attacks were extremely common and became the “leading” type of cyber attack. To carry out such attacks, cybercriminals are using continuously evolving techniques and a wider range of tools. Often this is a coordinated effort by organised groups. Ransomware as a Service (RaaS) becomes increasingly more popular. 

The December ransomware attack also targeted Vilnius City Council

In the first half of December, cyber criminals encrypted the data of the Vilnius District Municipality and the most recent backup copies of the data. Within a few days, Kaunas University of Technology (KTU) also reported a similar cyber-attack.   

Our SOCShare project partner Vilnius City Municipal Administration (VMSA) was also targeted, but thanks to automated tools and vigilant staff who quickly reported potentially malicious emails, the threat was quickly removed. 

According to the Lithuania’s NCSC, it is noticeable that ransomware attackers are becoming more “diligent” – they are preparing for attacks in a very systematic and targeted way, and no longer leave encryption errors as before. Lithuania’s position is not to support such crimes with payments, as the money will be used for further development of similar criminal tools and the likelihood of data recovery is not high. The solution is therefore to prevent such attacks.  

What do we see?  

During the SOCShare project, the NRD Cyber Security CyberSOC team and VMSA security analysts share prominent threat indicators. In December, there were no major changes, with the majority of attacks focusing on ransomware-type threats, while the primary access point remained malicious emails and links. However, in December, a trend towards providing text in both SMS and malicious emails in Lithuanian, pretending to be a parcel service, became apparent. 

 

 

 

Security automation: from idea to tool
SOCcare May 2025 Malpeek: Analysis of a "copyright infringement" malware
SOCcare May 2025 Malpeek: Analysis of a "copyright infringement" malware
NRD Cyber Security recorded strong growth and international expansion in 2024
NRD Cyber Security recorded strong growth and international expansion in 2024
Building awareness is a continuous effort
Building awareness is a continuous effort
Facilitating dialogue on NIS2 within the Lithuanian cybersecurity ecosystem
Facilitating dialogue on NIS2 within the Lithuanian cybersecurity ecosystem
Developing a culture of CTI sharing in Lithuania
Developing a culture of CTI sharing in Lithuania
Festivities in Lithuania in 8 episodes
Festivities in Lithuania in 8 episodes
SOCshare December 2024: cyber threats for elderly
SOCshare December 2024: cyber threats for elderly