CERT.LV Public Performance Report 2017

CERT.LV Public  Performance Report  2017 (PDF)

This report consists of publicly available information. Accounts of CERT.LV activity involving undisclosed information are excluded from this report. The report is purely informative.


2017 was a year characterised by a considerable shift in the development of various ransomware, which inevitably had its effect also here in Latvia. Until recently cryptoviruses were mainly used for financial gain by extorting a ransom from victims in exchange for the retrieval of their data, however last year various large-scale ransomware campaigns (e.g. WannaCry, NotPetya) took place, which had political aims and were most likely supported at a state level.

The advancement of the Internet of Things took a swift pace and is expected to continue at this rate throughout the next five years. The variety of products that can be connected to the internet is growing steadily, however manufacturers are not always sufficiently concerned with the level of security of these products. Although the industry has set certain security standards they are not always respected, and as of now protocols for confronting such manufacturers are not accordingly defined or implemented. As a result possibilities for abusing the Internet of Things are increasing. The incompliance to security standards is a growing concern of the owners of the critical infrastructure, whose objects are connected with smart components.

Data leakage incidents occurring in global cyberspace in 2017 were partly due to ill-informed usage of cloud services and their respective security levels. Users’ failure to fully understand the terms of use, the full capacity, and the security mechanisms of these services is a serious but solvable problem in the opinion of CERT.LV. Considering this, it is expected that 2018 will be a year when cloud service usage will be a topic of increasing importance on an individual, as well as the state level.

January 2017 saw one of the most positive developments of the year – regulations by the Cabinet of Ministers Nr. 442, “Procedures for ensuring the compliance of information and communication technology systems with the minimum security requirements” came into effect. Public authorities have begun to adapt the respective procedures and information systems, and implemented the requirements of these regulations in their tender specifications. This continues to contribute to raising the overall security level of the state.

Overall, in the time frame of this report, CERT.LV registered 477 252 threatened unique IP addresses, undertook 13 penetration tests on websites of various state and municipal authorities where 3 critical and 11 high hazard security vulnerabilities were detected. CERT.LV also provided the respective support to resolve incidents in the public and the private sector, as well as for law enforcement authorities. CERT.LV participated in 125 different events, and educated close to 8000 people.

Image: pixabay.com