All relevant intelligence services from Russia, namely FSB, GRU and SVR, are trying to be present in Romania, on the cyber espionage side, the general director of the Cyberint National Center within the Romanian Intelligence Service (SRI), Anton Mugurel Rog, told a Tuesday's specialized conference.
"We had technical data for two actors that they are here. We had FSB and GRU. A few months before the war came the third missing actor from Romania: SVR. So now, on the cyber espionage side, all the relevant intelligence services information from Russia, with complex attacks (....), are trying to be present in Romania," said Anton Mugurel Rog at BCR Expert Hub, an event where "Cyber security, challenges and prevention of vulnerabilities" were discussed.
He explained that the role of the Cyberint National Center is to prove, without a doubt, with technical evidence, that the respective attack is carried out by a certain group, etc.
"The political attribution is made later by the President of Romania, if he deems it appropriate, based on the technical data provided by the National Cyberint Center and other institutions from Romania or in cooperation with private companies," Rog said.
According to him, there is a "pattern" that Russia has used every time it has had military attacks.
"Before, they cyber-attacked the territory or the adjacent area. This has happened now. And not all attacks could have targeted Ukraine very accurately. Some attacks came out, so to speak, from what they wanted and affected also Europe, almost in its entirety," explained the SRI representative.
He mentioned that another 3-4 states have cyber actions in Romania, but did not make nominations, some of them being "countries that should not do such a thing".
On the other hand, Bogdan Botezatu, director of Computer Threat Research, Bitdefender, drew attention to the fact that "the world is talking about computer warfare, but it is not happening in Romania", instead there is interest from commercial actors. These are attackers who want to infect computers, want to steal information, want to plant ransomware.
"Attacks have intensified recently. We ended 2021 with about 400 single attacks per minute. When we talk about single attacks, we are talking about single malware servers reaching our streams. In 2022 so far the number of single attacks has risen to around 550 per minute. Not a huge increase, but a significant increase," he said.
Botezatu added that the number of attacks is not given by a context related to war or dramatic changes in society, but by digitalization.