A vulnerability in a Web server contributed to the attacks on some 300 websites in Lithuania earlier this week, a computer security expert said A vulnerability in a Web server contributed to attacks on some 300 websites in Lithuania earlier this week, a computer security expert said on Friday.The sites were defaced after Lithuania passed a law prohibiting the public display of symbols dating from the Soviet Union era, as well as the playing of the Soviet national anthem.The attacks, which started on Sunday and subsided by Monday, saw many sites defaced with pro-Soviet slogans and symbols in an apparent retaliation from hackers.The majority of the sites were hosted on a single physical Web server, which had a vulnerability either in the Web server software or Linux operating system, said an official with Lithuania’s Computer Emergency Response Team (CERT) on Friday. The hosting company was advised on how to fix the problem. The server was hosted by a company called Hostex, formerly known as MicroLink Lithuania, said Marius Urkis, head of the Academic and Research Network (LITNET) CERT, a different but related computer security organization.The attacks in Lithuania were reminiscent of a similar situation in Estonia in April and May 2007, after the government there decided to move a Soviet-era memorial to soldiers who served in World War II. That decision caused protests and violence from the Russian minority living in Estonia. websites run by the government, bank and schools experienced severe denial-of-service attacks, which were blamed on pro-Russian hackers. The Russian government denied involvement or knowledge of the attacks. In Lithuania, the passage of the law has not caused protests or much outcry, although the ethnic Russian population in Vilnius is less than 10 percent, Urkis said.Urkis said it is possible some Russians are upset over the law and would undertake the cyber attacks.The CERT official said that the matter has been referred to the police, which has a special department under the Ministry of the Interior that handles cybercrime.Officials do know that proxy servers likely located in Western Europe were employed to perform the hacking. That could make it more difficult for investigators, who will have to trace a winding electronic path in an attempt to find the perpetrators.“I think it will take some time to find the real attackers,” the CERT official said. Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe