LVM IT Expert: Higher Security Requirements Ahead After Cyberattack
Translated from Latvian, summarized and contextualized by DistantNews.
At a glance
- LVM's IT infrastructure director, Māris Kuzmins, stated that higher security requirements will be implemented following a recent cyberattack.
- The attack exploited a system vulnerability due to updates not being applied for two years, not a seven-year-old exploit as initially reported.
- While the situation is stabilizing, some systems, including "LVM GEO" and services for two-thirds of clients, are still being restored.
Latvian State Forests (LVM) will enforce stricter security measures following a recent cyberattack that disrupted its IT infrastructure, according to Māris Kuzmins, the company's IT infrastructure and development director. While LVM systems have historically been robust, the incident underscores the need for heightened vigilance and more stringent security protocols moving forward.
Kuzmins clarified that the recent breach was not due to a seven-year-old vulnerability, as some reports suggested. Instead, the attack exploited a weakness in a system that had not received updates for two years. He described this timeframe as "a normal situation" for the specific database, which was otherwise functional but contained the vulnerability. "Unfortunately, it also had a vulnerability," Kuzmins stated.
The database or system was exactly as we needed it, but unfortunately, it also had a vulnerability.
He emphasized that LVM systems are constantly defending against numerous daily and monthly attacks, characterizing the recent incident as "quite peculiar and unique." Although the situation has largely stabilized, the recovery process remains challenging. A few systems are still being brought back to full operation, including the "LVM GEO" mapping service. Additionally, about two-thirds of LVM's clients are still awaiting the full restoration of their services.
Kuzmins anticipates that the "LVM GEO" system will regain partial accessibility by Wednesday, with efforts focused on restoring more complete, though not 100%, functionality by the end of the week. The full resolution of remaining issues might extend into the following week. Importantly, Kuzmins confirmed that no data loss has occurred, as backups have been maintained. However, he acknowledged that personal data of users, service providers, or partners registered in LVM systems may have been compromised, and the extent of this breach is still under investigation.
We repel very many and various attacks every day, every month.
Originally published by Delfi Latvia in Latvian. Translated, summarized, and contextualized by our editorial team with added local perspective. Read our editorial standards.