Government Demands Strong Action After LVM Cyberattack; Critical Gaps in National Cybersecurity Revealed
After a cabinet meeting on the cyberattack against Latvijas valsts meži, the PM revealed that only 21% of state institutions have business continuity plans. 85% of LVM data has been recovered; election system unaffected.
/nginx/o/2026/07/01/17752220t1h049a.jpg)
On July 2, 2026, the Cabinet of Ministers held an emergency meeting to discuss the recent cyberattack on AS "Latvijas valsts meži" (LVM) and the overall state of cybersecurity. Prime Minister Andris Kulbergs and Defense Minister Raivis Melnis addressed the media afterward, outlining critical shortcomings and planned measures.
Kulbergs expressed strong dissatisfaction, highlighting that 80% of state institutions lack a business continuity plan. Only 21% of state institutions and 31% of private companies have such plans, with municipalities faring even worse due to a shortage of specialists and awareness. He also criticized non-compliance with the Cybersecurity Law, which has been in effect for two years.
The Prime Minister noted that attackers exploited a two-year-old software version with a known vulnerability that had not been patched despite annual audits. He demanded personal accountability for these failures. The first signs of intrusion were detected on June 11, active data encryption began around June 22–23, but the crisis meeting was only convened on June 25.
Defense Minister Melnis reported that responsibilities for incident response were assigned at the June 25 meeting. Currently, 85% of LVM data has been recovered; the "Mednis" hunter system is expected to resume operation tomorrow. However, the "LVM GEO" module's full restoration timeline remains unclear. The election system module was not affected—code comparisons before and after the attack showed no changes. An official audit is expected within a week. According to security services, there is no direct threat to the state from leaked data.
/nginx/o/2026/04/20/17573457t1h086f.jpg)

