Lithuania and Poland have warned that increased geopolitical tension could trigger cyber-attacks and power cuts in Eastern Europe.
Lithuania’s central bank has reportedly told the country’s banks to prepare for digital assaults and the sudden loss of electricity and internet access.
A letter sent by the bank to financial institutions and seen by Reuters detailed various “extreme but possible” scenarios that could occur should relations between Russia and Ukraine deteriorate.
The letter instructed banks to actively test their ability to withstand cyber-attacks and ensure contingency plans were in place to respond to threats, including ransomware attacks and distributed denial of service (DDoS) attacks.
Fears of a Russian invasion of Ukraine were activated after Russia positioned over 100,000 troops near Ukraine’s borders. Russia has dismissed the movement of troops as a mere training exercise.
Lithuania, Estonia and Latvia all share a power grid with Russia operated from Moscow, leaving them vulnerable to attacks on Russia’s critical infrastructure.
Meanwhile, Poland’s Government Center for Security (GCS) has warned security services and public administration to be on the alert for cyber-threats.
On Tuesday, the GCS introduced an ALFA-CRP alert level across the country that will remain in place until 11:59 pm on February 28.
“The ALFA-CRP alert is a signal for security services and the whole public administration to be particularly vigilant,” said the GCS in a tweet.
“This means that the administration is obliged to conduct increased monitoring of the state of security of ICT systems.”
Poland and Lithuania’s actions come after Ukraine’s defense ministry, army and two of the country’s banks came under cyber-attack on Tuesday.
At least 10 Ukrainian websites were knocked offline by attackers sending a barrage of junk data packets. Customers at state-owned banks Privatbank Sberbank reported experiencing problems with banking apps and online payments.
On Tuesday, Ukrainian cyber defense official Victor Zhora told Reuters that the perpetrator(s) of the attacks had not been identified.
“We need to analyze logs from IT providers,” said Zhora.
He added: “We don’t have any information of other disruptive actions that (could) be hidden by this DDoS attack.”