Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

FBI’s Team to Investigate Massive Cyberattack in Montenegro

A rapid deployment team of FBI cyber experts is heading to Montenegro to investigate a massive and coordinated attack on the tiny Balkan nation’s government and its services, the country’s Ministry of Internal Affairs announced Wednesday.

A rapid deployment team of FBI cyber experts is heading to Montenegro to investigate a massive and coordinated attack on the tiny Balkan nation’s government and its services, the country’s Ministry of Internal Affairs announced Wednesday.

“This is another confirmation of the excellent cooperation between the United States of America and Montenegro and a proof that we can count on their support in any situation,” the ministry said of the deployment of the Cyber Action Team.

Last weekend, Montenegro’s Agency for National Security said the country was “under a hybrid war at the moment,” blaming the attack squarely on Russia, though without providing evidence. A cybercriminal extortion gang has claimed responsibility for at least part of the attack, infecting a parliamentary office with a variant of ransomware known as Cuba. Russian-speaking cybercriminals generally operate without Kremlin interference, as long as they don’t target friendly nations.

{ Read: Cybercriminals Apparently Involved in Cyberattack on Montenegro Government }

Montenegrin officials said Russia has a strong motive for such an attack because the Balkan state, once considered a strong Russian ally, joined NATO in 2017 despite strong opposition from the Kremlin. It has also joined Western sanctions against Moscow because of its invasion of Ukraine.

Other Eastern European states deemed enemies of Russia have recently also sustained cyberattacks, mostly nuisance-level denial of service campaigns, in recent weeks. Targets have included networks in Moldova, Slovenia, Bulgaria and Albania.

But the attack against Montenegro’s infrastructure seemed more sustained and extensive, with targets including water supply systems, transportation services and online government services, among many others.

On Monday, government officials said that an attack by hackers on the information system of Montenegrin institutions was still ongoing, but that the system will not suffer permanent damage.

Advertisement. Scroll to continue reading.

“A huge amount of money was invested in the attack on our system”, said Minister of Public Administration Maras Dukaj He added that his ministry cannot determine the source of the attack, but that there is “strong indication that it is coming from Russia.”

The Director of the Directorate for Information Security, Dusan Polovic, said that “150 cells” in a dozen state institutions were infected, and that the data of the Ministry of Public Administration was not permanently damaged.

“The infected stations have been removed from the network and hard drives have been removed from them for further forensics,” he said, adding that “the priority is to put the tax system into operation, but this will be done only when it is completely secure.”

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Cyberwarfare

Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Cybercrime

On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...