Russian hacker group Killnet has claimed responsibility for a distributed denial of service (DDoS) cyberattack on Lithuania's public services.

Lithuania’s National Cyber Security Center (NKSC) under the Ministry of National Defense warned of ongoing DDoS attacks against Lithuania’s Secure National Data Transfer Network, other governmental institutions and private companies. The NKSC said the attacks disrupted access to services of users of the secure data network.

Russian hacker group Killnet told Reuters that it would continue to attack Lithuania in retaliation for its decision to close routes between the Baltic country and Russia’s Kaliningrad exclave for transport of steel and other metals under European Union sanctions.

Flashpoint, which published a blog post on the attacks, said the “train routes are essential in bringing in at least half of the exclave’s imports, prompting Russian officials to label the move as a ‘blockade’ and warn of harsh retaliation,” according to Threatpost.

According to Lithuania’s Prime Minister Ingrida Simonyte, government institutions are working 24 hours per day to “fix the problems as they are found.” Simonyte also noted that Lithuania had been experiencing many cyberattacks since Russia invaded Ukraine. 

Chris Clymer, Director and Chief Information Security Officer (CISO) at Inversion6, says, “Targeting another country with [cyber capabilities] arguably constitutes an act of war, but one less severe than kinetic attacks with missiles and tanks. Russia has a collection of theoretically autonomous groups like Killnet, which give it the ability to strike at its enemies while still denying responsibility not a new tactic.”

This year alone, Killnet has reportedly targeted Romania, Moldova, the Czech Republic, and Italy, with Lithuania now added to the list, Clymer says. “This harassment will continue, and what’s more interesting is that it doesn’t seem to have targeted the U.S. and major European powers as first expected. With what we know of internet infrastructure, it’s hard to believe this is because those targets are stronger. Perhaps the Russians are trying to stay focused on targets it feels it can afford to antagonize.”

As Lithuania is an EU and NATO member state, Toby Lewis, Head of Threat Analysis at Darktrace, says, "the potential implications under the EU Mutual Defence Clause or NATO Article 5 mean it will be significant to determine whether Killnet were explicitly directed by the Russian state in this instance or whether they are simply sympathetic to the nationalist agenda.”