A legal action has been launched following the cyber attack on Friday
An investigation has been opened in Bucharest into the cyber-attacks targeting the security and integrity of information data
Roxana Vasile, 16.05.2017, 13:09
According to the authorities in Bucharest, the servers of the Romanian public institutions, including those of the Government, the Fiscal authority or the Customs Office have not been affected by the cyber attack Romania has recently seen. Anton Rog, the head of the Cyberint National Centre, an institution coordinated by the Romanian Intelligence Service, speaks about the incident:
“The systems are fully operational, the customs check-points are functional and so are the apps used by the National Fiscal Administration Agency. The service has been previously notified about this attack and took all the necessary measures for the 54 public institutions under its protection. Our service has sent them all the procedures they had to follow, the packages they had to download and install in order to avoid this kind of problems. It was a spear phishing attack, sent through e-mails. Once the mail opened a certain type of virus, a malware programme was launched with the view to extracting data from the infected servers. Right now the institutions we are protecting have already applied the security programmes from the producer, taking all the procedural measures and we can say the situation now has improved. In terms of scope, however, this was the biggest attack at world level. There are thousands of such attacks on a daily basis and Romania is no exception to the rule.
Romanias National Bank hasnt been affected either. However, preemptive measures are needed as the threat of fresh cyber attacks is even bigger than a typical global financial crisis. Here is Central Bank governor Mugur Isarescu:
“Many central banks have developed real security systems in the field and we are making efforts together with the state authorities to control the phenomenon.
Although public institutions have been protected there were other victims such as the Romanian carmaker Dacia Renault, which, amid an intense IT crisis at the end of last week, had to halt production and send workers at home. The National Centre for Response to Cyber Security Incidents (CERT-RO) has received no less than 300 reports. Here is Mihai Rotariu, cyber-security consultant with CERT-RO.
We have so far received around 322 IPs, but that doesnt necessarily mean there are 322 victims infected. We dont know for sure how many victims are behind these IP addresses. The trend cannot be assessed as nobody has to report these incidents to CERT-RO, but it signals all users to comply with minimal cyber-security norms, particularly when it comes to updating systems and making backups on external storage devices, which should be later detached from the operating work stations.
In parallel, prosecutors with the Bucharest-based Directorate for Investigating Organised Crime and Terrorism (DIICOT) have launched an investigation into the cyber-attacks. They are waiting to get information in this respect from the Romanian Intelligence Service but also for the people affected to press charges. (Translated by D. Bilt)