Latvia says Russia remains its top cyber threat as attacks hit record high

Summary

Latvia’s national security service (SAB) says 2025 saw a record high in registered cyber threats against the country, with activity rising well above pre-2022 levels. Most incidents were cybercrime and digital fraud and did not critically disrupt services, but SAB recorded more serious cases too — intrusion attempts, malware distribution, equipment compromise and DDoS attacks.

The report names Russia as Latvia’s principal cyber risk, linking attacks to Moscow’s strategic aims and Latvia’s support for Ukraine. SAB warns of growing exposure in operational technology (OT) used for energy, water and transport, which often lack robust cybersecurity. Russian-linked hacktivists have shown willingness and capability to target industrial control systems to cause short-term disruption and intimidate.

DDoS campaigns against government bodies and municipalities frequently coincide with politically sensitive events. SAB expects the Russian threat to remain high into 2026 and beyond and notes a worrying shift in how Moscow perceives Latvia — increasingly similar to its pre-war view of Ukraine. The warning aligns with wider European concerns about ‘hybrid warfare’ that combines cyberattacks, sabotage and influence operations.

Key Points

2025 marked an all-time high in registered cyber threats against Latvia, surpassing levels before Russia’s 2022 invasion of Ukraine.
Most incidents were linked to cybercrime and fraud, though the year included significant intrusions, malware incidents, equipment compromises and DDoS attacks.
SAB identifies Russia as the main source of cyber risk, driven by political motives and Latvia’s support for Ukraine.
Operational technology for energy, water and transport is increasingly at risk due to insufficient cybersecurity protections.
Russian-linked hacktivists have targeted industrial control systems to create disruption, intimidate populations and punish support for Ukraine.
DDoS attacks against government and municipal services are often timed with politically sensitive decisions or announcements.
SAB warns the threat will remain high regardless of the war’s outcome and flags a shift in Russia’s perception of Latvia that could lead to bolder hostile actions.

Context and Relevance

This report matters beyond Latvia — it illustrates a broader European trend of persistent, politically motivated cyber pressure from Russia that mixes criminal, hacktivist and state-linked activity. For governments, critical infrastructure operators and security teams, the key takeaway is the rising exposure of OT systems and the need for stronger defensive measures, incident response planning and international cooperation (EU/NATO). The pattern of DDoS and targeted disruptions timed to political events also underscores the hybrid-war nature of contemporary threats.

Why should I read this?

Short version: if you look after digital systems, infrastructure or national-security plans, this is worth five minutes. Latvia’s report shows attackers mixing petty criminality with politically timed, potentially disruptive strikes — and OT systems are a weak spot. Read it to get a clear, current snapshot of how hybrid cyber threats are evolving in Europe and what to watch for in 2026.

Source

Source: https://therecord.media/latvia-says-russia-remains-top-cyber-threat-record-attacks