Cyber Incident Victim: Corruption Prevention and Combating Bureau

On July 25, 2022, Latvia’s Corruption Prevention and Combating Bureau (KNAB) experienced a cyber attack targeting multiple institutional resources. The attack occurred in the evening and disrupted public accessibility to KNAB’s Electronic Data Entry Systems, political parties’ financing databases, and the official mobile application Ziņo KNAB. KNAB confirmed the incident resulted in service interruptions but emphasized that all stored data within the affected databases remained secure. The bureau did not specify the exact duration of the outage or the number of systems compromised beyond the named resources. Information Technology Security Incident Response Institution of Latvia (Cert.lv) collaborated with KNAB to investigate and mitigate the attack, initiating restoration efforts shortly after detection.

Cert.lv representative Līga Besere attributed the attack to groups supporting Russia’s aggressive policies, identifying the method as a distributed denial-of-service (DDoS) attack. The attackers overwhelmed KNAB’s systems with high volumes of fraudulent access requests, rendering targeted resources temporarily inaccessible. Besere noted that such attacks typically focus on single targets due to the substantial resources required to sustain them. KNAB and Cert.lv implemented countermeasures to restore service availability, though no specific timeline for full recovery was disclosed. Cert.lv also provided KNAB with security recommendations to strengthen database protections against future incidents. The disruption impacted public access to critical anti-corruption tools, though no data breaches or permanent system damage was reported.