bne IntelliNews – Russia blamed for wave of hacker attacks in Southeast Europe

Russia has been accused of being behind a wave of hacker attacks on the websites and social media of state institutions and political parties in southeastern Europe.

While all the countries in the region are now members or candidates for EU membership, and several have joined NATO, Russia is still seeking to maintain its influence in South Eastern Europe. Since the invasion of Ukraine in February, there have been fears that Russia could use its remaining influence to destabilize the region.

Montenegro’s National Security Agency (ANB) said on August 26 that several Russian agencies were behind a cyberattack on key IT systems of state institutions in early August. Outgoing Prime Minister Dritan Abazovic said Montenegro was at the height of a hybrid war.

The following day, Bulgaria’s former ruling Gerb party said it was attacked by Russian hackers who targeted posts on three specific topics on its social media pages.

Both claims follow an attack on Albanian government servers that brought down most of the recently launched e-Albania services in July.

Hybrid War in Montenegro

In Montenegro, the ANB said such an attack had not been seen anywhere else in the world so far. According to ANB, the cyberattack has not reached its peak yet and all of the country’s key infrastructure, including the power supply system or water supply, could be targeted.

“This is a very serious thing and this is a very serious attack. We are monitoring the situation, the National Security Agency, the police leadership and the Ministry of Defense are included. In my opinion, it is is a politically motivated attack,” Abazovic said as quoted by RTCG.

EU candidate country Montenegro supports all EU sanctions against Russia imposed due to its invasion of Ukraine.

Abazovic added that international partners have been helping local institutions deal with the situation since the first attacks in early August.

The style of attack was carried out using a methodology specific to Russian agencies, the ANB noted.

The attacks started a week ago, then since August 25, Montenegro has been hit by a new round of cyberattacks, the government in Podgorica said earlier on August 26.

Since August 28, the government’s website has been inaccessible again. However, Podgorica says that although some services have been temporarily closed for security reasons, the safety of citizens and businesses is not at risk.

Montenegro informed its international allies of the details of the attacks, which are similar to those carried out earlier in 2015 and 2016. At the time, Russian agencies were accused of attacking the government computer system in Podgorica before joining of Montenegro to NATO. .

Meanwhile, IT expert Dejan Abazovic suggested it was a financial motive for the attacks, pointing out that they were DDOS and Ransomware attacks. He added that the second objective of the attacks was to disable Internet communications between state institutions, as well as their communication with businesses and citizens.

Gerb’s social networks attacked

On August 27, Bulgaria’s former ruling Gerb party also said it was being targeted by Russian hackers, the day after Gerb leader Boyko Borissov advised the caretaker government to find a way to resume imports of Russian natural gas.

Gazprom halted deliveries in April when the then government led by Kiril Petkov refused to pay in roubles. However, ministers of the new caretaker government said they were opening talks with the Russian company on resuming supplies to ensure enough gas for the winter and avoid heavy financial penalties.

At the same time, Borissov says he supports the diversification of natural gas sources.

“Last night, our communication networks in social networks were affected by a hacker attack. Specifically, three posts about gas and the scams done with it. There was a clip and a graphic part, in which the scheme with intermediaries [selling natural gas] has been explained. And the third was distributed fake news that Borissov said Gazprom should return to Bulgaria in 2023,” Gerb’s Georg Georgiev said at a press conference broadcast live by Dnevnik media on August 27.

Cybersecurity experts from Gerb claim that since these three stories were published on Facebook, massive attacks with identical comments and made by suspicious profiles have begun. Almost all of them were Russian profiles.

e-Albania closed

Earlier, Albania was the target of a massive cyberattack that shut down online government services.

This immediately led to speculation that Russia was behind the attack. A member of NATO, Albania is a strong supporter of Ukraine and is part of Western sanctions against Russia.

The Albanian National Agency for Information Society (AKSHI) announced on July 17 that Albania was facing a sophisticated cyberattack originating outside the country.

The government confirmed on the morning of July 18 that the country was facing a massive cyber attack.

“This criminal cyber-attack was synchronized … from outside Albania,” the statement said.

The Albanian government has taken most public services, including paying taxes online through the e-Albania portal from May 1, while in-person service windows at government offices and other institutions have been closed. closed.

The move aims to make it easier for citizens to access services and reduce corruption, but at the time concerns were raised about how older people and those without internet access would fare.

Mary I. Bruner