The Romanian National Computer Security Incident Response Team CERT-RO received in 2013 over 43 cyber security alerts, and found that about 2.2 million unique IPs from Romania were involved in various types of cyber security incidents.

Based on the received data, CERT-RO conducted an analysis to get a general view on the nature and the dynamics of these types of events relevant for the assessment of cyber security risks for the IT and electronic communications infrastructures in Romania.

It revealed that over 16 percent of the total 13.5 million  IP addresses in Romania were involved in at least one cyber security alert reported to CERT-RO last year.

Some 78 percent of the alerts target informational systems in Romania, victims of attackers that usually, by exploiting technical vulnerabilities, targeted to infect systems with various types of malware applications, for the establishment of botnet networks, according to CERT-RO.

Over 5 percent of the alerts are related to entities from Romania that send unsolicited spam emails to various targets on the Internet.

Also, 40 percent of the alerts were related to informational systems in Romania infected with the Conficker worm. According to the received data, around 12.5 percent of the unique IPs in Romania were reported as being infected with this type of worm in 2013.

According to the report, over half of the total reported unique IPs are running Microsoft Windows operating systems, versions 98, 2000, XP or 2003.

Also, over 10,000 .ro domains were compromised in 2013, namely some 1.4 percent of the total. Some 60 percent of them are domains infected with various types of malware, that can infect other visitors.

The entire CERT-RO report can be found here (in Romanian).

Irina Popescu, irina.popescu@romania-insider.com