Cyber attackers who shut down certain websites on Friday used equipment from outside Romania

The Romanian Intelligence Service (SRI) reports that the cyber attackers who made unavailable on Friday a series of websites belonging to the national authorities, financial-banking institutions, respectively, used network equipment from outside Romania, Agerpres reports.

On Friday, starting at 4:00 am, a number of websites belonging to the national authorities and some financial-banking institutions were the victims of a Distributed-Denial-of-Service (DDoS) type of cyber attack.

Following the investigations carried out by the CYBERINT National Centre within the Romanian Intelligence Service, it was established that the cyber attackers used network equipment from outside Romania. The attackers took control of the equipment in question by exploiting cyber security vulnerabilities, respectively the lack of cyber security measures, and used them as a vector of attack on the Romanian websites, the same source reports.

The cyber attack was claimed by the pro-Russian KILLNET group, which specializes in DDoS attacks. Also, earlier this same month, the KILLNET group launched DDoS attacks on the websites of institutions in states such as the US, Estonia, Poland, the Czech Republic, but also on NATO sites.

The responsibility for ensuring the primary cyber security of the affected infrastructures does not belong to the Romanian Intelligence Service. However, given the scale of the attacks with an impact on national security, the CYBERINT National Centre within the Romanian Intelligence Service is actively cooperating with the entities responsible for investigating cyber attacks and remedying their effects, the SRI explains.

The Service also adds that the affected sites are not part of the National System for the Protection of IT&C Infrastructures of national interest against threats from cyberspace (TITEICA) managed by the Romanian Intelligence Service through the CYBERINT National Centre.