The health sector, public administration, and the energy industry are the most targeted by cyber threats in Romania, according to the National Cyber Security Directorate (DNSC) in its 2024 activity report.
The health sector faces significant threats due to the large volume of sensitive data and underfunded critical infrastructure. Public administration is often the target of cyber attacks, which have a direct impact on services and citizens’ trust.
In turn, the energy sector remains a priority target for attackers aiming both to test and disrupt IT/OT infrastructures and to obtain financial gains.
The greatest risks for an organization facing cyber attacks remain the lack of specialized personnel in the field of cybersecurity, especially for incident response.
“At the same time, the low level of awareness among the general public and the limited interest of management regarding cyber threats amplify existing vulnerabilities. The phenomenon is worsened by increasingly complex attacks carried out by malicious actors with advanced capabilities,” the document further specifies.
In 2024, the Directorate intervened to support companies and institutions affected by a series of cyber attacks and incidents such as DDoS (Distributed Denial of Service). Split by sector, the attacks targeted:
Energy: 2 (Rompetrol, Mol Romania)
Banking: 17 (Alpha Bank, Banca Transilvania, Banca Comercială Română, Creditcoop, Exim Bank, Edificium, National Bank of Romania, Romanian Bank for Loans and Investments, Bucharest Stock Exchange, Bank Deposit Guarantee Fund)
Digital infrastructure/telecommunications: 3 (Orange, Telekom, GTS)
Transport: 12 (National Railway Company (CFR), National Company for Road Infrastructure Administration (CNAIR), Bucharest Airports National Company, Port of Constanța, Astra Trans Carpatica Feroviar, Băneasa Airport, Metrorex)
Central and local public administration: 13 (Romanian Government, Special Telecommunications Service, National Cyber Security Directorate, Ministry of Internal Affairs, Romanian Senate, Ministry of Foreign Affairs, Ministry of Development, Public Works and Administration, Ministry of Tourism, Bucharest City Hall).
DDoS attacks were not the only type of challenges faced by companies and institutions in Romania. There were also website defacements, encryption, and exfiltration of sensitive data, and brute-force attacks targeting the infrastructure of Bucharest City Hall, Bucharest Transport Company, Romanian Railway Authority, and University of Bucharest, originating from IP addresses hosted in Russia.
According to the cited source, ransomware remains one of the most persistent and serious phenomena. A total of 101 such incidents were detected and handled in 2024 by the Directorate.
Romania’s DNSC recently took part in a trilateral working meeting for the creation of a regional cybersecurity alliance between Romania, the Republic of Moldova, and Ukraine, to counter Russian hackers.
(Photo source: Piotr Zajda | Dreamstime.com)
Leave a Reply