A quick deployment team of FBI cyber experts is en route to Montenegro to investigate a major and coordinated attack on the country’s government and services, according to the Ministry of Internal Affairs.
“This is more evidence of the United States’ and Montenegro’s great collaboration and demonstrates that we can count on their support in any circumstance,” the ministry stated of the Cyber Action Team’s deployment.
The Agency for National Security of Montenegro stated over the weekend that the country is currently “under a hybrid war,” accusing Russia for the strike without giving evidence. A cybercriminal extortion ring has claimed at least some responsibility for the hack, which infected a parliamentary office with Cuba ransomware. As long as they do not target friendly states, cybercriminals who speak Russian typically function without Kremlin supervision.
According to Montenegrin officials, Russia has a strong motive for such an attack because the Balkan nation, which was once considered a staunch Russian ally, joined NATO in 2017 against fierce resistance from the Kremlin. It has also joined Western sanctions against Moscow because of its invasion of Ukraine.
In recent weeks, other Eastern European nations believed to be Russia’s opponents have also been subjected to cyberattacks, primarily nuisance-level denial of service assaults. Networks in Moldova, Slovenia, Bulgaria, and Albania have been targeted.
However, the assault on Montenegro’s infrastructure appeared to be more prolonged and wide, with numerous targets including water supply systems, transportation services, and online government services.
On Monday, government representatives reported that a hacker attack on the information systems of Montenegrin institutions was still ongoing, but that the system would not sustain irreversible damage.
Minister of Public Administration Maras Dukaj remarked, “Huge sums of money were invested in the attack on our system.” He stated that his government is unable to determine the origin of the attack, but that “strong indications” point to Russia.
Dusan Polovic, director of the Information Security Directorate, stated that “150 cells” in a dozen state entities were infected and that the Ministry of Public Administration’s data was not irreparably compromised.
“The compromised stations have been withdrawn from the network and their hard drives have been extracted for additional forensic analysis,” he said, adding that “the priority is to put the tax system back online as soon as it is entirely secure.”
Current News