Montenegro and its allies are working to recover from the massive cyber attack

A massive cyberattack hit Montenegro, officials believe that it was launched by pro-Russian hackers and the security services of Moscow.

A massive cyberattack hit Montenegro, the offensive forced government headquarters to disconnect the systems from the Internet. The attack started on August 20 and impacted online government information platforms. According to the media, the critical infrastructure of the country, including banking, water and electrical power systems are at high risk.

Government officials attribute the attack to pro-Russian hackers and to Russian security services.

The National Security Agency said that Montenegro was “under a hybrid war at the moment.”

The state has been a Russian ally since 2017 when it joined NATO despite strong opposition from Russia, it also expressed support to Ukraine after its invasion.

Now Moscow has added the state to its list of “enemy states” for this reason it is suspected to be the source of the attacks.

“Coordinated Russian services are behind the cyber attack,” the ANB said in a statement. “This kind of attack was carried out for the first time in Montenegro and it has been prepared for a long period of time.”

“I can say with certainty that this attack that Montenegro is experiencing these days comes directly from Russia.” said Dusan Polovic, a government official.

However, a cybercriminal extortion gang has claimed responsibility for at least part of the attack, the systems at a parliamentary office were infected with a variant of Cuba ransomware.

In early September, a team of cybersecurity experts from the US FBI was sent to Montenegro to help the authorities to investigate the cyberattack.

“We have been faced with serious challenges related to the cyberattack for about 20 days, and the entire state system, the system of state administration, and the system of services to citizens are functioning at a rather restrictive level,” Defense Minister Rasko Konjevic told The Associated Press. “In such attacks, there are usually organizations that are a mask for state intelligence services,” Konjevic added.

Konjevic added that government allies are helping Montenegro to recover the government’s infrastructure and are working together to find the source of the attack.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Montenegro)

[adrotate banner=”5″]

[adrotate banner=”13″]