Romanian gov’t, ministries’ websites hit by cyberattacks. SRI: Pro-Russian hackers used network equipment from outside Romania

Several government sites, including the government and the military, were cyber-attacked on Friday morning. Government spokesman Dan Cărbunaru told Digi24 that the attack blocked users’ access to the page, and no sensitive or confidential data was affected.

The attack involves a huge influx of data into a server to make it inoperable. “The attack involved an extremely high level of access to these sites and activated the level of protection that blocked the access of those who wanted to enter these sites. No sensitive or confidential data has been affected. Specialists should intervene to identify the source of the intense seizures. The priority is to restore access, experts will work to identify the causes and the actual source of these attacks. There have been no recent such attacks. IT specialists in Romania have the ability to manage such situations “, said Dan Cărbunaru.

The Romanian Intelligence Service explained that the cyber attack that took place on Friday morning was launched from outside Romania, with hackers exploiting “cyber security vulnerabilities”. The attack was claimed by a group of pro-Russian hackers, who also launched attacks on the sites of institutions in states such as the USA, Estonia, Poland, the Czech Republic, but also on NATO sites.

“Following the investigations carried out by the CYBERINT National Center within the Romanian Intelligence Service, it was established that the cyber attackers used network equipment from outside Romania. The attackers took control of the equipment in question by exploiting cyber security vulnerabilities, respectively the lack of cyber security measures and used them as a vector of attack on sites in Romania. The cyber attack was claimed by the pro-Russian Eastern KILLNET group, which specializes in DDoS attacks. Also this month, the KILLNET group launched DDoS attacks on the sites of institutions in states such as the USA, Estonia, Poland, the Czech Republic, but also on NATO sites,” said SRI.

Access to the sites gov.ro, mapn.ro, politiadefrontiera.ro, cfrcalatori.ro and the website of a financial institution was affected by a series of cyber attacks of type DDOS (distributed denial of service), on Friday morning.

The website of the Romanian Ministry of Defense was also cyber-attacked.

“The cyberattack on the Ministry of National Defense website was launched around 4.05 this morning. The attack did not compromise the functioning of the institution’s website, but only blocked users’ access to it, this is the nature of DDOS attacks.

Our site does not contain sensitive or classified databases and the attack did not affect other services and computer networks of the Ministry of National Defense. At this moment, the specialists of the cyber defense command of the Ministry of National Defense are working to resume the functionality of the website.

We will communicate as soon as we restore the functionality of the site”, Constantin Spînu, the spokesperson of the Ministry of National Defense, told Digi24.

A cyber attack on the website of the Romanian Border Police (www.poliţiadefrontieră.ro) was also rejected during the morning by the specialists in communications and information technology within the institution, the Border Police reported. “The attack did not compromise the functioning of the institution’s website, but blocked users’ access to it,” according to the quoted source.

The institution states that the Border Police website “contains only public information and not sensitive or classified databases, and the attack did not affect other Border Police services and networks.”

The Distributed Denial of Service attack, abbreviated DDoS, aims to disrupt or make unavailable the normal traffic of a server, service or network by overloading the target system or infrastructure with a large volume of data.

Symptoms of a DDoS attack include irregular connectivity, slowdowns, or intermittent shutdowns of the website. If a failure persists or is more severe than usual, the network is likely to face a DDoS attack, according to the experts of the National Directorate of Cyber ​​Security.