In response to Romania’s stance of supporting Ukraine in the war, a Russian hacktivist group is launching DDoS attacks against several Romanian government websites.
This comes from Romania’s national cyber security and incident response team, who said to be collaborating with other authorities to mitigate the attacks. Warning that attacks may continue, the team listed IoCs and guidelines to mitigate them.
Russia’s Killnet Targeting Romanian Sites
Ever since the on-ground battle of Russia vs Ukraine launched, cyber teams of both the countries have been so busy too. With Russian state-backed hackers constantly targeting Ukrainian sites and others who support them, many experts have warned that such attacks may continue for a while.
The latest ones to take the hit is Romanian government websites, which are said to be targeted with DDoS attacks early today. This comes from Romania’s national cyber security and incident response team – DNSC, who said a number of their govt websites are targeted today.
A Russian hacktivist group called Killnet claimed these attacks, in their post noted these incidents as retaliation against Romania’s stance in the war. The country’s President of the upper house of the Parliament has recently made a statement to support Ukraine in this war with maximum assistance, including weapons.
Angered by this, the Killnet group launched DDoS attacks against the below sites on local time 04 A.M;
- gov.ro (official website of Romania’s Government)
- mapn.ro (official website of Romania’s Ministry of Defense)
- politiadefrontiera.ro (official of Romanian Border Police)
- cfrcalatori.ro (official website of Romania’s National Railway Transport Company)
- otpbank.ro (site of a commercial bank operating in Romanian)
But by around 11 A.M., all the websites are live back again, noted Romania’s main intelligence service, SRI. They also stated that attacks have originated from compromised network equipment outside the country, that had been compromised by exploiting security vulnerabilities.