The cyberattack deflected on May 12 targeted employees of Romania’s Foreign Ministry (MAE).
“There are two fundamentally different things. The attack at MAE was a targeted one, a surgical one of an advance persistent threat nature. Usually, behind such attacks there are state actors. The attack targeted employees there; we intercepted the attack and stopped it. So, that was no widespread attack. Secondly, it was the WannaCry ransomeware. The WannaCry attack was widespread, meaning it acted wherever it could act,” head of the National Cyberint Centre with Romania’s Intelligence Service (SRI) Anton Rog told a joint news conference on Wednesday with SRI Spokesman Ovidiu Marincea.
The Cyberint National Centre, operating under the authority of the Romanian Intelligence Service (SRI), on Friday, May 12 successfully deflected a cyberattack attempt against a governmental institution of Romania.
SRI said in a press statement that it conducted its action based on a notification from Romania’s Foreign Intelligence Service (SIE).
According to SRI, the attempt most likely originated with an entity associated with the APT28 / Fancy Bear cybercrime ring.
“A cyberattack attempt has been identified against a government institution in Romania, most likely originating with players previously associated with such incidents. Because of efficient cooperation among institutions, the attack has been prevented from materialising itself, and damage has also been deflected, with the targets as well as the attack methodology having been identified. Relevant in terms of cybersecurity is that this attempt is no novelty. Thousands of cyberattacks are perpetrated daily against institutions, entities and persons in the virtual space, and Romania is no exception,” said SRI.
It added that the technological level of the attacks will significantly increase in the period immediately ahead, which “makes implementing a clear and pragmatic legal framework that spells out actual nationwide powers and responsibilities in the area imperiously needed.”