Cyber Incident Victim: LRT
Date:
Mar 2025
Location:
Lithuania
Summary
LRT.lt experienced a cyber‑attack targeting its news website that began on a Sunday and grew stronger on Monday, causing error messages for readers before being contained. The broadcaster’s Internet Department head said the attack intensity doubled twice, but operations continued and damage was prevented, though the possibility of future attacks remains. The outlet had previously flagged cyber‑attacks as a major risk and maintains measures to keep its service uninterrupted during emergencies.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Sunday, LRT.lt experienced the onset of a cyber‑attack targeting its news website, according to Riardas Baltaduonis, head of the Internet Department at LRT. The attack initially appeared to be of a normal scale, similar to routine incidents that usually go unnoticed by users. In the early hours of Monday, the intensity of the attack doubled, leading to noticeable disruptions for visitors. By Monday afternoon, the attack intensity doubled again, resulting in error messages being displayed to some readers. The escalation prompted heightened monitoring by LRT’s technical staff.
LRT’s response team eventually stopped the attack and prevented any damage to the broadcaster’s operations, ensuring that the news website remained functional. Baltaduonis noted that while the attack was halted, it remains uncertain whether similar incidents will recur in the future. LRT had previously classified cyber‑attacks as one of the most serious risks to its operations and had implemented preventive measures aimed at avoiding service interruption. The broadcaster emphasized its commitment to maintaining continuous service, especially given its role as the primary source of information during emergencies. No further details about the attack’s origin or methods were disclosed in the report.