December 2, the Cyber Security Council met to discuss the current cyber security issues: from ransomware attacks to the establishment of a new National Coordination Centre at the Ministry of National Defence.
“We have drafted legislation that strengthens security of 5G infrastructure, we have made sure there is a responsible bug identification procedure put in force, we have also carried out joint projects with Lithuania’s strategic partner the United States, and we are engaged in the discussion on the European Union legislative initiatives,” Vice Minister of National Defence Margiris Abukevičius underscored to representatives of public and private sectors, education and scientific institutions at the third Cyber Security Council meeting this year.
When addressing the ways to eliminate untrusted technology from critical information infrastructure and public institutions, M. Abukevičius stressed that security enhancement had been already carried out in 5G sector, while the Ministry of National Defence had also proposed amendments to the law of public procurement recently that would manage national security risks arising from the use of untrusted IT, equipment or services in critical infrastructure. The proposed amendments would take it even further and prevent procurement of Chinese, Russian, and Belarusian-made technologies.
Another relevant topic addressed was the management of risks presented by malicious websites. The analysis of website security status in Lithuania has revealed that the most significant challenges are currently posed by malicious websites and there is room for improvement in the process of such risk management, as well as measures not resorted to yet. The proposals drafted by the initiative of the Ministry of National Defence in this area will help the responsible institutions to quickly and effectively prevent “malicious” websites and protect web users as a result.
Member s of the Council were also introduced to the study completed in the summer earlier this year by the National Cyber Security Centre on the risks presented by Chinese-made 5G smartphones. The study has been noticed worldwide thus underlining the potential cybersecurity risks arising from use of certain smartphone software in public institutions.
The counter ransomware actions introduced by the U.S. Administration were also discussed at the session. The initiative aims to pull together authorities from across different countries for the fight against shared threats, i.e. ransomware cyberattacks. The Ministry of National Defence is already engaged in the initiative and encourages other institutions to do the same. “We have no reason to think we are safe from the ransomware attacks which are proliferant in other European countries and the United States. We have to get ready for it and to build our capacity like the attacks were already ongoing,” underscored M. Abukevičius.
A brand new bay of activity for the Ministry of National Defence has been unveiled for the Council as well. The European Cybersecurity Industrial, Technology and Research Competence Centre and the Network of National Coordination Centres are established on the basis of the regulation of the European Parliament and Council. Moreover, according to the provisions of the regulation, a National Coordination Centre will be established at the Ministry of National Defence. It will be opened next year and by 2023 it will have acquired enough capacity to fund cybersecurity projects of small and medium companies and startups.
The Cyber Security Council is an independent standing collegial advisory body. It was established in 2015 for analyzing the status of cyber security in Lithuania and rendering advice to cyber security players on possible improvements of the cyber security status together with other representatives of the public and the private sectors and education and scientific research institutions.
Photo credit: A. Pliadis/MoD
