The report states that 2,888 cyber incidents were recorded in Lithuania in 2025. It is claimed that the lower percentage of cyber incidents was due to both more effectively implemented preventive measures by the National Cyber Security Centre (NKSC), including the blocking of more than 70,000 pieces of malicious data, and growing cyber security awareness among organisations.
However, some incidents may not have been reported due to differing interpretations of legal regulations or a lack of expertise in identifying cyber incidents.
According to the report, the most common cyber incidents—specifically 2,118 cases—were related to the hosting service infrastructure of foreign entities used to publish and distribute malicious content. At the same time, a few major incidents were recorded—19 in total.
Susiję straipsniai
In addition, another trend emerged in 2025: nearly twice as many cyber incidents occurred in the information systems of Lithuanian legal entities. Last year, 280 such incidents were recorded, compared to 155 in 2024.
„This means that the greatest risk arises within organisations. These incidents most often occur due to the human factor: a lack of employee vigilance and a lack of security knowledge,“ the report states.
In 2025, an increasing number of cyber incidents (267) were also recorded in Lithuania’s digital infrastructure. It is stated that these incidents are related to service disruptions, hacking attempts, and various operational disruptions.
„It is worth noting that the structure of cyber threats remains largely unchanged—more than 54% of all incidents are related to social engineering. On the other hand, the number of such incidents in 2025 was nearly one-third lower than in 2024. Even as technological resilience grows, the greatest risk remains linked to human behaviour, vigilance, and the ability to recognise deception schemes,“ the NKSC report states.
It is emphasised that the compromise of user accounts remains the primary method of intrusion. The NKSC identified more than 106,000 leaked login credentials from public and private sources and notified 221 organisations—sending nearly 3,000 alerts (in 2024, 2,000 such alerts were sent).
„This indicates that data leaks continue to serve as a basis for further attacks, and the main causes of data leaks are malware designed to secretly collect user data and transmit it to malicious actors, as well as the human factor,“ writes the NKSC.
It is also emphasised that the problem of vulnerabilities in networks and information systems (hereinafter referred to as TIS) detected by the NKSC remains relevant.
„Websites, web applications, and network devices remain among the most common targets of cyber threats, and the vulnerabilities identified indicate that some organisations still do not adequately ensure the protection of publicly accessible systems and do not promptly address known vulnerabilities,“ the NKSC states.
Enhanced inter-agency cooperation
The report also notes that there is a growing trend in which cyber threats, particularly fraud based on social engineering principles, span multiple sectors simultaneously and can no longer be effectively managed by individual agencies. It adds that such threats simultaneously affect the fields of law enforcement, finance, electronic communications, and cybersecurity, including the interests of individuals and organisations.
„Therefore, the greatest value is created through the rapid exchange of information, coordinated actions, and harmonised preventive measures. With this in mind, the Bank of Lithuania (LB), the Lithuanian Police, the Prosecutor General’s Office, the National Cyber Security Centre (NKSC), the Communications Regulatory Authority (RRT), and the Anti-Money Laundering Competence Centre signed a memorandum of cooperation on March 27, 2025, to reduce fraud in the digital space,“ the report notes.
„The memorandum aims to pool the capabilities of these institutions in the joint fight against fraud in the digital space, ensuring rapid information exchange, coordinated response, joint preventive measures, and more effective public warnings about threats,“ adds the NKSC.
It is noted that in July 2025, the NKSC and the Bank of Lithuania also signed a cooperation agreement on the exchange of information regarding cyber incidents in the financial sector.
„For the Bank of Lithuania, as the financial market regulator, was the first to join the NKSC’s National Cyber Incident Management Platform, creating the conditions for automated real-time exchange of information on incidents and cyber threats, faster response to threats, and the development of closer cooperation between different sectors,“ states the NKSC.
In 2025, experience has shown that the most effective response to digital threats is not isolated solutions, but continuous cooperation between government agencies, regulators, law enforcement, and critical sectors. This not only speeds up the response to incidents but also strengthens Lithuania’s overall cyber resilience,“ the report states.
The National Cyber Security Status Report is an annual overview of Lithuania’s cyberspace. It is prepared by the Ministry of National Defence (MND) in collaboration with the National Cyber Security Centre (NKSC), the Lithuanian Police, the State Data Protection Inspectorate (VDAI), the Communications Regulatory Authority (RRT), and the Strategic Communications Department of the Lithuanian Armed Forces.
However, the report’s presentation comes at a time when the public is abuzz over the leak of data from the Registry Centre (RC)—a significant cybersecurity issue—prompting the Prosecutor General’s Office to announce last Friday that it had launched a pre-trial investigation.
It is suspected that more than 600,000 registry records may have been leaked, resulting in damages of at least EUR 111,000.
Following the release of this information, Prime Minister Inga Ruginienė and Minister of Economy and Innovation Edvinas Grikšas called on RC Director Adrijus Jusas to step down. On Monday, he announced his resignation, and the agency will be temporarily led by Giedrius Cininas, head of the Prevention Department, until a new director is appointed.