The recent cyberattack on Latvijas valsts meži (LVM), in which a hacker managed to breach the company’s IT systems and gain control over data, demonstrates that Latvia’s strategic infrastructure remains relatively vulnerable to such attacks, Minister for Smart Administration and Regional Development Edgars Tavars said in an interview with TV3 on Friday.
The minister called on all government institutions to identify cybersecurity vulnerabilities within their own systems and learn from the incident. At the same time, Tavars expressed confidence that Latvia’s IT specialists are sufficiently skilled to prevent similar incidents in the future, provided they continue to carry out their work responsibly.
Tavars also reiterated that the electronic voter register, which is crucial for the upcoming parliamentary elections and had been developed by LVM, was transferred to the state before the cyberattack occurred and has not been compromised.
“At this point, there is certainly no reason to sound the alarm over the elections,” the minister said.
He also indicated that the government’s enhanced scrutiny of major IT procurement projects could remain in place even after the expiration of Prime Minister Andris Kulbergs’ current moratorium on large-scale IT procurements.
As previously reported, Latvijas valsts meži confirmed that a cybersecurity incident affecting its IT infrastructure was detected over the weekend.
Since the attack, several externally accessible IT systems maintained by LVM have been taken offline as a precaution, including the LVM GEO platform, the company’s map services, and the Mednis hunting application. Several internal systems supporting information exchange with service providers and business partners have also been temporarily disconnected.
Baiba Kaškina, head of Latvia’s national cyber incident response institution CERT.LV, has suggested that the attack appears to have been commercially motivated. According to her, the attacker has not attempted to remain anonymous in terms of activities, having boasted about the breach and published details of the operation on a hacker forum, where they showcased their “trophies.” Similar attacks have reportedly targeted companies in other countries.
LVM has filed a report with the State Police regarding the cyberattack.
Read also: BNN IN FOCUS | What can we expect from the IT procurement moratorium, the LSM logo controversy and will taxes really be raised?