FBI team investigates massive cyberattack in Montenegro
PODGORICA, Montenegro — A rapid deployment team of FBI cyber experts is heading to Montenegro to investigate a massive and coordinated attack on the government and its services in the small Balkan nation, the country’s interior ministry said on Wednesday.
“This is further confirmation of the excellent cooperation between the United States of America and Montenegro and proof that we can count on their support in all situations,” the ministry said of the deployment of the Cyber Action-Team.
Last weekend, the Montenegrin Agency for National Security said the country was “currently under hybrid warfare”, blaming Russia for the attack outright. Meanwhile, a group of Cuban hackers claimed responsibility while experts said it could also be the work of individuals and organized crime groups.
Montenegrin officials said Russia had a strong motive for such an attack because the Balkan state, once seen as a strong Russian ally, joined NATO in 2017 despite strong opposition from the Kremlin. He also joined Western sanctions against Moscow over its invasion of Ukraine.
Other Eastern European states considered enemies of Russia have also recently suffered cyberattacks, mostly nuisance-level denial-of-service campaigns, in recent weeks. Targets included networks in Moldova, Slovenia, Bulgaria and Albania.
But the attack on Montenegro’s infrastructure appeared more sustained and widespread with targets including water supply systems, transport services and online government services, among others.
On Monday, government officials said a hacker attack on Montenegrin institutions’ information system was still ongoing, but the system would not suffer permanent damage.
“A huge amount of money has been invested in the attack on our system,” Public Administration Minister Maras Dukaj said. He added that his ministry cannot determine the source of the attack, but that there are “strong indications that it came from Russia”. ”
Director of the Information Security Directorate Dusan Polovic said that “150 cells” in a dozen state institutions were infected and the data of the Ministry of Public Administration was not permanently damaged.
“The infected stations have been removed from the network and the hard drives have been removed for further forensic analysis,” he said, adding that “the priority is to get the tax system up and running, but this will only be done when it is completely secure.”
AP writer Dusan Stojanovic contributed from Belgrade, Serbia.