| Presentation of the KTU Consortium Mission ‘A Safe and Inclusive Digital Society’ at the Innovation Agency event ‘Innovation Breakfast: How Science and Innovation-Focused Programs Will Address Societal Challenges’. |
Technology is advancing rapidly, reshaping the economy, governance, and everyday life. However, as innovation advances, so do digital risks. Technological change is no longer available in a country like Lithuania, either. From e-signatures to digital health records, the country depends on secure systems.
Cybersecurity has become not only a technical challenge but a societal one – requiring the cooperation of scientists, business leaders, and policy makers. In Lithuania, this cooperation has taken a concrete form – a national initiative sponsored by the government. Coordinated by the Innovation Agency Lithuania, the project aims to strengthen the country’s cyber security and digital resilience.
Under this umbrella, universities and long-term technology companies work together to transform scientific knowledge into market-ready, high-value innovations. Several of these solutions are already being tested in real-world settings, for example, in government agencies and critical infrastructure operators. As Martynas Survilas, Director of the Department of Innovation Development at Innovation Agency Lithuania, explains:
“Our goal is to turn the power of science in Lithuania into a real impact – solutions that protect citizens, strengthen trust in digital services, and help build an inclusive, innovative economy. The time for isolated research is over. In fact, science and business must work together to keep up with complex, hybrid threats.”
National Mission: A safe and inclusive IE-Society
Among the three national strategic missions launched under this program, one stands out for its relevance to the global digital environment: “IE-Safe and Inclusive Society”, coordinated by Kaunas University of Technology (KTU).
The goal aims to increase resilience on the Internet and reduce the risks of personal data breaches, focusing on everyday users of public and private electronic services, directly contributing to transforming Lithuania into a secure, digitally empowered society. Its total value exceeds €24.1 million.
The KTU alliance includes the top Lithuanian universities – Vilnius Tech and Mykolas Romeris University – and leading cybersecurity companies such as NRD Cyber Security, Elsis PRO, Transcendent Group Baltics, and the Baltic Institute of Advanced Technology, as well as the industry association Infobalt and the Lithuanian Cybercrime Competence, Research and Education Competence.
The research and development efforts of these devices cover a wide range of cyber security challenges that define today’s digital landscape. Teams develop intelligent, flexible, and self-learning architecture. In the financial sector, new AI-driven security systems are being developed to protect FinTech companies and their users from fraud and data breaches. Industrial security is strengthened with examples of threat-detecting sensors for critical infrastructure, while hybrid threat management systems are being developed for use in public safety, education and business environments. Other research focuses on combating disinformation with AI models that automatically detect combined bot and troll activity, as well as creating intelligent platforms for automated cyber threat intelligence and real-time analysis.
AI Fraud: A New Type of Threat
According to Dr. Rasa Brūzgienė, Associate Professor at the Department of Computer Science at Kaunas University of Technology, the emergence of Generative Artificial Intelligence (GenAI) and large-scale linguistic models (LLMs) has fundamentally changed the concept of fraud against e-government services.
“Until now, the main defense has relied on pattern-based detection – for example, automatic filters and firewalls can detect repeated fraud patterns, common phrases or structures,” he explains. “However, GenAI has removed that ‘pattern’ boundary. Today, criminals can use generative models to create context-accurate messages. The models are able to write without programming errors, use exact words, and replicate the communication pattern of institutions. This means that phishing emails are no longer ‘classic fraud’ but harder to detect, even by automated human filters.”
He emphasizes that both the level and the quality of the attacks have changed: “The rate has increased because GenAI allows the automatic generation of thousands of different, non-repeating fraud messages. The quality has increased because these messages are personalized, written in many languages, and often based on publicly available information about the victim. The result: traditional firewalls and spam filters lose their effectiveness, phrases that may lose their effectiveness due to their repeated characteristics. Change The largest is no longer a large scale, but it is real, In other words, modern attacks do not look like fraud – they look like normal legal communication.
Criminals today, Dr. Brūzgienė warns, they have access to a vast arsenal of AI tools. They use models like GPT-4, GPT-5, Claude, and other open source methods like Llama, Falcon, and Mistral – as well as dark variants like FraudGPT, WormGPT, or GhostGPT, which are specially designed for malicious operations. “They can synthesize voices using ElevenLabs or Microsoft’s VALL-E from just a few seconds of the person speaking. To create fake faces and videos, they use StyleGAN, Stable Diffusion, DALL-E, and DeepFaceLab, as well as lip sync solutions like Wav2Lip and First-Order-Motion,” he notes.
What’s even bigger, he adds, is how these tools are programmed together: “Criminals generate visual facial images, depth videos, and copies of documents with well-edited metadata. LLMs generate high-quality, personalized phishing scripts and log-in conversations, TTS and voice-cloning models reproduce victims or employee photo videos generate voice videos that fool. Automated AI agents then he manages the rest – creating accounts, uploading documents, and responding to challenges these multimodal chains can pass both automated and human authentication based on trust.
“The scary part,” concluded Dr. Brūzgienė, “how all this has become possible. Commercial TTS solutions such as ElevenLabs and the open source implementation of VALL-E offer high-quality voice cloning to anyone. Fake profiles are connected in a short time.
AI-Powered Social Engineering
Another new frontier is AI-driven social engineering. Attackers no longer rely on static scripts – they use LLMs that adapt to the victim’s reactions in real time.
Bots start with auto-recognition, social media scraping, technical indicators, and leaked databases to create personalized profiles. Then, the LLM creates initial messages such as the human voice or the language of the institution. If there is no response, the system automatically changes channels – from email to SMS or Slack – and changes the tone from formal to urgent. If the target hesitates, the AI generates sound confirmation, citing actual internal policies or procedures.
In one typical scenario, a “coworker” writes a work email, follows LinkedIn, and makes a phone call using integrated voice — all programmed by connected AI tools. Dr. Brūzgienė describes this as a new phase in the evolution of cybercrime: “Social engineering has become more accessible, smarter, and deeply personal. Each victim has a unique, flexible deception designed to exploit their psychological and behavioral weak points.”
Lithuanian Cyber Defense Leadership
Lithuania’s digital ecosystem – known for its advanced e-government architecture and centralized electronic identity (eID) systems – faces unique challenges. However, it also shows remarkable progress. The country has risen slightly in international indices, ranking 25th globally in the Chandler Good Government Index (CGGI) and 33rd in the Government AI Readiness Index (2025).
Lithuania’s AI strategy (2021–2030), revised to 2025, prioritizes AI-driven cyber defense, anomaly detection, and resilience building. The National Cyber Security Center (NKSC) integrates AI into threat monitoring, reducing ransomware incidents by five times between 2023 and 2024. Cooperation with NATO, ENISA, and EU partners further enhances Lithuania’s hybrid defense capabilities.
“We see resilience in the Internet not just as a technical exercise but as a foundation for democracy and economic growth,” said Survilas. “With the goal of a safe and inclusive e-society, we not only protect our digital infrastructure but also empower citizens to trust and participate in the digital world. AI will be used for malicious purposes, but we can use AI to protect. The key is cooperation in all sectors and continuous education. This mission is one of the tools that help us turn those ideas into pilots, concrete projects in Lithuania.”
