Lithuania’s Vice-Minister of National Defence, Edvinas Kerza warns against sleeper viruses and other threats in cyberspace. During the CYBERSEC 2017 conference held under BiznesAlert.pl’s patronage, he advocated for a regional emergency response group with Poland’s participation.
BiznesAlert.pl: Lithuania’s Ministry of National Defense is dealing with critical infrastructure including in cyberspace. What threats you have identified?
Edvinas Kerza: Lithuania has changed its cybersecurity management model and handed over the reins to my ministry. I will be the only minister responsible for this issue.
Do you have one button that can shut down the entire system?
We have an exceptional legal solution. Our ministry is able to shut down any system for 48 hours even without a court sentence.
Why without a sentence?
In the current reality there is no time for delay. Time is crucial. Within a few minutes, up to half an hour, criminals may cut off a bank, steal information about an important institution, or take control over a power plant. We do not wait for a sentence, we disconnect the system, investigate the case and submit it to a judge. If there is no threat we restart the system.
What kind of threats are you fighting off?
There are internal and external threats. The external ones come from the East, mostly Russia. This pertains to intelligence and other actions whose goal is to steal information. Last year we monitored activity around military units, this year it is the energy sector. Recently we have detected attack attempts at government institutions.
What is the goal? Are they trying to steal information or attack the infrastructure?
It’s both. First of all, understanding the works, interdependencies. Secondly, controlling the system. This may be about implanting sleeper viruses in a system, which will be activated at a later point. They would be able to shut the system down, run a botnet. These are internal threats. After all we have the Internet of things. There are laptops, phones and internet cams at every house. Sleeper viruses could take control over them. Everybody is preparing for external threats. What will happen when they appear inside of the system? We may flawlessly protect our perimeter against external attacks, but we will be defenseless inside the country. Viruses are able to shut down power plants, dams on rivers, or bank systems.
What is the future of the Polish-Lithuanian cybersecurity cooperation?
One of my main tasks during the CYBERSEC 2017 conference will be to talk to every Polish official who is responsible for cybersecurity. Last week we had a visit from the Polish Sejm’s Committee for National Defense. The members visited our cybersecurity center. It is high time to take the next step and turn our cooperation into practice. Poland, the Baltic States and perhaps the Scandinavian countries, such as Finland, could strengthen their cooperation and create, for instance, an emergency response group to cyber threats based on CERTs. This is mostly about joint exercises, learning, developing tools, and about reacting to threats together.
Interview by Wojciech Jakóbik