Montenegro and its allies are working to recover from the massive cyber attack

A massive cyberattack hit Montenegro, officials believe that it was launched by pro-Russian hackers and the security services of Moscow.

A massive cyberattack hit Montenegro, the offensive forced government headquarters to disconnect the systems from the Internet. The attack started on August 20 and impacted online government information platforms. According to the media, the critical infrastructure of the country, including banking, water and electrical power systems are at high risk.

Government officials attribute the attack to pro-Russian hackers and to Russian security services.

The National Security Agency said that Montenegro was “under a hybrid war at the moment.”

The state has been a Russian ally since 2017 when it joined NATO despite strong opposition from Russia, it also expressed support to Ukraine after its invasion.

Now Moscow has added the state to its list of “enemy states” for this reason it is suspected to be the source of the attacks.

“Coordinated Russian services are behind the cyber attack,” the ANB said in a statement. “This kind of attack was carried out for the first time in Montenegro and it has been prepared for a long period of time.”

“I can say with certainty that this attack that Montenegro is experiencing these days comes directly from Russia.” said Dusan Polovic, a government official.

However, a cybercriminal extortion gang has claimed responsibility for at least part of the attack, the systems at a parliamentary office were infected with a variant of Cuba ransomware.

In early September, a team of cybersecurity experts from the US FBI was sent to Montenegro to help the authorities to investigate the cyberattack.

“We have been faced with serious challenges related to the cyberattack for about 20 days, and the entire state system, the system of state administration, and the system of services to citizens are functioning at a rather restrictive level,” Defense Minister Rasko Konjevic told The Associated Press. “In such attacks, there are usually organizations that are a mask for state intelligence services,” Konjevic added.

Konjevic added that government allies are helping Montenegro to recover the government’s infrastructure and are working together to find the source of the attack.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Montenegro)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.