Romania under cyberattack coming from Russia's Killnet
The pro-Russian hacker group Killnet, which has already claimed several attacks that have taken place in recent days against some official sites in Romania, threatened on Saturday, April 30, that it would target almost 300 other sites, Economica.net reported. Newspapers, major public institutions, hotels, boarding houses, booking sites and political parties are considered.
Among the institutions whose sites are targeted are the Government, the Ministry of Finance, the Ministry of Defense, the Ministry of Health, the Ministry of Internal Affairs, and also those of the tax collection agency ANAF, the Romanian Gendarmerie or special telecommunications services STS.
According to the initial statements of the National Directorate of Cyber Security (DNSC), "the main objective of the attackers is the inactivation of websites and web services, the destruction of reputation and the panic of users in Romania."
By the evening of Sunday, May 1, they said that "there is a diversification of attacks by using new methods aimed at infecting with ransomware malware the computer systems of organizations already attacked by DDoS. In this context, the techniques used by attackers include spear phishing and spoofing."
Killnet has claimed to be behind the cyberattacks that hit the websites of several Romanian institutions, including the Government and Defense Ministry, on the morning of Friday, April 29. The group said in a message published on Telegram that the attacks were carried out after the statements of Marcel Ciolacu, the president of the Romanian Chamber of Deputies, who reportedly promised the Ukrainian authorities "maximum assistance" in the supply of lethal weapons to Ukraine by Romania.
"The attack caused the sites to be unavailable for several hours. The investigations carried out by the CYBERINT National Center within the Romanian Intelligence Service established that the cyber attackers used network equipment from outside Romania. The attackers took control of the equipment in question by exploiting cyber security vulnerabilities, respectively the lack of cyber security measures and used them as a vector of attack on sites in Romania," the Romanian Intelligence Service (SRI) stated.
(Photo source: Maksym Velishchuk/Dreamstime.com)