Cyberattack Hits Montenegro’s Government and Critical Infrastructure
Montenegro is under cyberattack.
The small Balkan nation’s security agency warned on 26 August that hackers had launched a massive, coordinated cyberattack against the country’s government and services, ABC News reported. The Agency for National Security (ANB) said Montenegro is “under a hybrid war at the moment.”
The source of the attack is unclear—a hacker group claimed responsibility, but experts speculated that the attack could be the work of individuals, organized criminal groups, and/or nation-states.
Find out your top seven security news stories, delivered to your inbox weekly, and powered by ASIS International.
Montenegrin officials said Russia has a strong motive for such an attack, the Associated Press noted. Russia has added Montenegro—alongside most European countries—to its list of “enemy states” for acting against the Kremlin’s interests, especially for joining in Western sanctions against Russia for its invasion of Ukraine. Other Eastern European countries considered enemies of Russia have also been hit by cyberattacks—primarily nuisance-level denial of service campaigns—recently.
In a television interview, Defense Minister Rasko Konjevic said, “Who could have some kind of political interest in inflicting such damage on Montenegro? I think there is enough (evidence) to suspect that Russia is behind the attack.”
Montenegrin authorities reported a series of cyberattacks on its servers early last week and said they prevented any damage. But the attacks have continued.
The U.S. embassy in Montenegro warned that a “persistent and ongoing cyberattack” is in progress, and “the attack may include disruptions to the public utility, transportation (including border crossings and airport), and telecommunications sectors.”
The ANB warned electric utilities in the country about potential cyberattacks on critical infrastructure, and some companies switched to manual systems instead of connected infrastructure for the time being, Balkan Insight reported. So far, authorities say, citizens’ accounts and personal data have not been compromised.
Dusan Polovic, the head of the State Cyber Security Service in Montenegro, said that authorities have not been able to activate some services online, and a certain number of workstations have been compromised. The attack would have been expensive, he added—the cost to purchase the virus used in the first attacks ranges from $100,000 to $2.5 million on the Dark Web, further contributing to Montenegrin authorities’ suspicion that the attackers had state support.
A rapid deployment team of FBI cybersecurity experts has been sent to Montenegro to help investigate the attack.
This is not the first major cyberattack to hit Montenegrin state infrastructure. Hackers attacked on the country’s election day in 2016 and then again for several months in 2017 when the republic was about to join NATO, Reuters reported.