In a recent cyber incident, thousands of Latvians inadvertently watched a Victory Day military parade broadcast from Moscow due to a sophisticated hacking operation. This cyberattack targeted the television channels operated by Balticom, a major communications provider in Latvia. During the attack, the hackers did not directly infiltrate Balticom’s systems but instead compromised a content delivery partner located in Bulgaria. As a result, all of Balticom’s rebroadcast television programs displayed the Moscow parade, temporarily displacing the scheduled content.
The attack was attributed to Russian hackers, aligning with the timing of Russia’s annual May 9th celebration, which commemorates the victory over Nazi Germany. The manipulated content featured the military parade outside the Kremlin, which was broadcast across Balticom’s network. This incident represents a significant example of media manipulation, used here as a tool in broader geopolitical tensions and conflicts.
Latvian authorities, including the National Electronic Mass Media Council and Cert.lv, the national IT security incident response institution, quickly responded to the incident. They clarified that this was not merely a cyberattack against Latvia’s infrastructure but part of a larger pattern of Russian hybrid warfare tactics. Such actions are likely to continue, posing ongoing challenges to national and cybersecurity in the region.
The manipulation was relatively short-lived, affecting around 5% of Balticom’s subscribers, and authorities have since regained control over the broadcasts. Despite the brief duration, the incident has raised concerns about the vulnerability of national media systems to foreign interference. Cert.lv is actively investigating the breach in cooperation with Balticom to prevent future occurrences and to understand how the hackers breached the servers in Bulgaria. This incident marks the second similar attack within a short period, pointing to a disturbing trend of cyber disruptions linked to geopolitical motives.
