Targeting of Latvian, Lithuanian, and Ukrainian computer systems
Date of report
  • February 2022
Russian threat actors targeted computer systems in Latvia, Lithuania, and Ukraine with a wiper dubbed HermeticWiper. The malware was aimed at Windows devices, corrupting systems’ master boot records, displaying signs of ransomware as a decoy, and destroying stored data. This followed another wiper attack aimed at Ukraine in January. 
Suspected victims
  • Latvian, Lithuanian, and Ukrainian computer systems owned by banks and government contractors, as well as systems used by the defense, aviation, and IT sectors
Suspected state sponsor
  • Russian Federation
Type of incident
  • Data destruction
Target category
  • Government
  • Civil society
Victim government reaction
  • Unknown