​Russia and China are just some of the countries that have launched cyber attacks in recent years that have also affected Romania, and General Anton Rog, head of CyberInt at SRI, announced on Tuesday that Romania’s intelligence service has a new cyber security strategy. , with a secret attachment that contains offensive measures against hackers.
Which countries are carrying out cyber attacks on Romania?
If countries are aggressive towards Romania, I see no reason why we should not nominate them, General Anton Rog, head of CyberInt, Romania’s intelligence service, said on Tuesday at a cyber security conference organized by Financial Intelligence.
He listed several Advanced Persistent Threat (APT) cyberattacks launched in recent years by Russian and Chinese security agencies and ministries, attacks that also affected Romania.
- Advanced Persistent Threat (APT) attack. is a cyber attack, typically by a government entity, targeting strategic objectives (government, military, national security, and/or business) that, through advanced methods, tactics, and procedures, manages to remain undetectable for an extended period of time time for strategic or financial gain. (Source: Intelligence Service of Romania – SRI)
Examples of APT attacks also targeting Romania
1. Last year, the Russian Federation was preparing a cyber attack on modems for connecting to the Viasat satellite system and wanted to disrupt communications specifically for the Ukrainian military. They were inaccurate and affected about half of Europe, including Romania, the entire eastern part – Poland, Hungary, the Czech Republic, the Baltic States, Germany, and even reached the Netherlands.
What gave birth to this business for us? This led to the isolation of some more isolated military units for a day, but the communication operator one day launched a fiber optic cable and communication was restored.
We had technical data and could attribute this attack to the Russian Federation.
2. Another APT we discovered in 2021, Brut Force, belongs to APT 28, an intelligence unit of the Russian military. The service was used to disrupt infrastructure and obtain a number of user credentials and passwords from multiple networks.
3. Solar Winds – 2021 is a ticketing product that had a vulnerability that was exploited. In Romania, the attack failed because everyone using the service was two versions behind because they hadn’t paid for their support and the older versions didn’t have the vulnerability. It was a happy accident. The attack was carried out by the SVR, Russia’s foreign policy service, namely APT29, a specialized unit of this service.
4. Hafnium – 2021 – apt40 Chinese Ministry of State Security is an APT that targets professionals through the LinkedIn network. More than 150 professionals were targeted in Romania, who were first offered smaller things and then more and more until they were asked to attack infrastructure. I processed them one by one, all 150 of them, approached and explained that they were Chinese and let them go about their business, which happened. But it took time for that to happen.
SRI warns hackers: We’re about to hijack your command and control servers
The head of SRI’s CyberInt also added that as of December 2021, the Romanian Intelligence Service has a new cyber security strategy that has an offensive component.
- “I want to note that this strategy involves a proactive, offensive approach. Of course, the application that outlines the activities associated with this proactive offensive approach is a classified application not intended for the general public.
- It’s important to get this out there so that the Russians, the Chinese, the Iranians, the North Koreans, when they come to Romania, know that we’re not just going to attribute the attack and that’s it, but we’re going to retaliate, upstream. we’ll steal their command and control servers, we’ll share malware with all partners to dust off their campaigns, etc. I hope they heard me!”, – said General of the Scientific Research Institute Anton Rog.
At the same event, General SRI announced that, together with DIICOT, they had recently foiled a cyber attack planned by a Romanian on the website of the European Political Community Summit, where 47 heads of state and government of Europe and EU leaders met in Bulboac, Republic of Moldova, for several tens of kilometers from Ukraine to convey a message of support for two countries that are under Russia’s crosshairs.
- Read more: How a Romanian tried to compromise the summit of European leaders in Bulboac: “I took him straight from the house.” Research Institute data
Source: Dreamstime.com
Source: Hot News
Lori Barajas is an accomplished journalist, known for her insightful and thought-provoking writing on economy. She currently works as a writer at 247 news reel. With a passion for understanding the economy, Lori’s writing delves deep into the financial issues that matter most, providing readers with a unique perspective on current events.