The global fight for internet infrastructure control has heated up, driven by more international competition, increasing cyber attacks and instances of economic espionage. Following the Russia-Ukraine war and escalating US-China tensions, countries are now rushing to protect data flows and vulnerable critical infrastructure for the coming years. Rising concerns about dependence on foreign-controlled hosting, internet protocols (IPs) and peering are also emerging.
Furthermore, the increasing cost of internet connectivity, driven by the near depletion of IPv4 addresses, as well as the growing frequency of routing attacks such as Border Gateway Protocol (BGP) hijacks, have also heightened the need for countries in the European Union (EU) to focus on digital sovereignty. After years of outsourcing and bureaucracy, many are still in the draft strategy stage.
However, through a series of coordinated and innovative strategies – including IPv6 deployment, local control of IP space, private sector alignment and peering networks – Lithuania has been taking a highly proactive approach to future-proofing its internet infrastructure, improving digital sovereignty and national resilience.
How Lithuania is building internet infrastructure resilience
Lithuania’s post-Soviet past has played a significant role in shaping its bid for digital autonomy, which relies on viewing internet infrastructure as a state asset. A tech-first governance model combines public-private partnerships, infrastructure policy and national security.
Back in the early 2000s, the country was already investing significantly in nationwide digital identity, e-government services and secure infrastructure for public data. Now it is doubling down on IPv6 deployment at scale as part of a strategy to future-proof its internet infrastructure. And the country is actively trying to encourage full IPv6 adoption, when IPv6 adoption across Europe has been relatively slower so far.
This shift is likely to help decrease dependence on almost depleted IPv4 addresses, while securing long-term address availability. IPv6 networks are also more efficiently structured, with better redundancy and shorter routing paths, strengthening resistance to disruptions and failures.
“With globally unique addresses, IPv6 restores end-to-end connectivity, enabling more transparent communication and better performance. This eliminates the need for current complex workarounds like NAT due to IPv4 address limitations,” says Martin Butler, professor of digital transformation at Vlerick Business School. “This gives nations more control over their network infrastructure and supports the scale needed for future digital services.”
Leasing out dormant IP addresses
Lithuania is taking strategic control of its IP address space by leasing out dormant IP addresses through private sector companies like IPXO. The company claims to have the world’s largest IPv4 leasing market, with more than 300 million leasable IPs across all regional internet registries (RIRs).
IPXO’s co-founder, Vincentas Grinius, believes that out of 4.3 billion IP addresses, 25% are not visible on the internet at all, with a considerable portion of the remainder being badly managed.
With globally unique addresses, IPv6 restores end-to-end connectivity, enabling more transparent communication and better performance Martin Butler, Vlerick Business School
“It’s not about the shortage, it’s about how efficiently that resource is utilised. A lot of enterprises have a legacy space that some of them forgot about. Some of them have legacy networks where they have a different system and they are locked within those,” he says.
“Our aim is to step into a deeper understanding of how we can defragment their networks and give them that single source of truth. It’s to help enterprises optimise their networks and remove the hurdle of multiple tools,” adds Grinius.
Butler emphasises that as countries strive to achieve greater digital sovereignty, controlling data flows and IP address space has become vital.
“Local routing policies enable governments and ISPs [internet service providers] to align their network operations with domestic laws, enhance visibility in critical sectors, and reduce dependency on foreign infrastructure. These actions strengthen resilience and help mitigate security risks such as route hijacking,” he says.
Not only can this generate additional revenue, but it could also reduce the need to lease address space from foreign companies, while curbing black market leasing and IP hijacking.
Another step is building up routing and peering infrastructure by enhancing BGP route filtering, growing internet exchange points and supporting domestic peering. This helps decrease latency, keep traffic local and control the risks of foreign routing dependency, which is vital for both national security and performance.
Simultaneously, Lithuania is developing top-tier response infrastructure through sector-specific cyber protocols and its National Computer Emergency Response Team (CERT-LT), in partnership with NRD Cyber Security. This allows the country to export CERT design, cyber security frameworks and routing strategies to other countries, further strengthening its cyber resilience leadership.
Apart from IPXO and NRD Cyber Security, the Lithuanian government consistently funds, supports and partners with several other private sector firms and business incubators, such as Hostinger, Tesonet, Telesoftas and Kaunas Tech Park.
By designing and operating domestic core stack services, these companies can significantly decrease the need for global hyperscalers, while being aligned with sovereign goals.
According to Eiviltas Paraščiakas, head of communications at Hostinger, one of the company’s main advantages over hyperscalers such as Amazon Web Services (AWS) and Google Cloud is speed. He said this unlocks lots of options, such as adapting to technology trends, delivering minimum viable products and experimenting with products.
He believes competitors would struggle to launch a product in a few weeks, as Hostinger did with its Horizons AI app platform, which simplifies web application development.
Kaunas Tech Park plays a key role in seeding and supporting Lithuania’s early-stage tech startups and scaleups. These work across cyber security, cloud-native and hosting technologies, the internet of things (IoT) and edge networking, among other areas. Through this collaborative system, Lithuania can scale up its digital infrastructure much faster than many of its EU peers.
What Europe could learn from Lithuania
One of the key takeaways from Lithuania’s internet infrastructure approach is that true sovereign digital resilience comes from first mastering control of the invisible but essential building blocks. Lithuania treats routing infrastructure, IP space, Domain Name System (DNS) and hosting as national and strategic assets, not just technical private sector tools. As such, the long-term resilience of these assets can be baked into the national digital agenda and routinely monitored and encouraged by the Ministry of the Economy and Innovation.
One of the key takeaways from Lithuania’s internet infrastructure approach is that true sovereign digital resilience comes from first mastering control of the invisible but essential building blocks
In contrast, several EU countries still outsource core infrastructure to foreign telecoms operators or hyperscalers. While their digital agendas are full of intention, they lag in implementation. Another lesson is to utilise dormant IP assets for leasing revenue, which can then be used for public infrastructure, research and development, and scientific ventures. This effectively reduces digital waste and decreases the internet’s carbon footprint.
Lithuania also demonstrates the benefits of fostering public-private tech partnerships with companies like IPXO, Tesonet, Hostinger and NRD Cyber Security. These firms highlight the multifold benefits of policy support, building products that strengthen national autonomy, like a global IP leasing marketplace, encrypted access and domestic hosting. By doing the same, the UK and EU could significantly reduce reliance on Chinese or US firms and enhance domestic internet infrastructure capabilities.
Lithuania’s strategy of exporting cyber resilience through sovereign infrastructure models could help other EU members and the UK develop themselves as global digital leaders as well. The country demonstrates the benefits of agility during initial-stage implementation of new internet infrastructure policies, through rapid deployment of IPv6 at scale, integrating national cyber architecture and changing registry policies. In addition, this could allow it to be much better equipped to deal with fast-evolving digital threats, unlike the UK, which is still bogged down by fragmented policies and red tape.
The challenges ahead
Yet even though Lithuania is making significant strides in internet infrastructure resilience, some hurdles remain. Butler points out that local IP space control and sovereign routing policies have their drawbacks: “Excessive centralisation or opaque filtering can undermine the internet’s open, distributed nature. Mandating that traffic stay within borders may reduce efficiency, increase latency and risk fragmentation outcomes that weaken rather than strengthen digital infrastructure.”
Yet despite impressive roll-out, Lithuanian IPv6 adoption across enterprise networks, consumer ISPs and regional governments is still somewhat patchy. This is mainly because several services and devices still depend heavily on IPv4.
Awareness of the benefits of IP address leasing is also slow, with Grinius noting: “It took us a lot of effort to educate the market that leasing is good and safe, if you have a safe environment to do that. A lot of the companies or government institutions, non-governmental organisations, have that old thinking, where you can’t do anything with the IP addresses within the third-party networks. We tried to change that because technologies are advancing, things are introduced faster and faster.”
With the country mainly relying on a few major firms, such as IPXO and Hostinger, for internet infrastructure, there is also a systemic risk in case of strategy changes or consolidation. A lack of domestic hyperscalers also means that some critical workloads still depend on foreign infrastructure, which can slow full digital sovereignty.
Similarly, Lithuania’s talent pool is currently seeing a high amount of brain drain to countries including the UK, Germany and the US, which often offer better salaries. This can have far-reaching impacts on sovereign infrastructure projects.
Source
