August 30, 2022
Montenegro has been hit by “cyberattacks” targeting the “structures of the state.” These attacks did no permanent damage (I assume that means it wasn’t wipers??), but somehow several government websites are still offline. They are blaming Russia.
This event is curious, and I would really like to have more information released by Montenegro. Was it a DDoS? Ransomware? Apparently, it wasn’t wipers, so it stands to reason that it was one of the other “denial” attacks.
A DDoS shouldn’t cause the US Embassy to issue a travel-notice-type-alert(??), and really it should be simple to resolve. If it was a DDoS, then this seems like a massive overreaction.
If it was ransomware, I immediately think of the Conti Costa Rica event earlier this year. Ransomware crews targeting governments is not unprecedented, and presumably, Montenegro is fair game now that Putin has put them on his “you’re not my friend no more” list. But if it was ransomware, then why hasn’t the group responsible said anything?
If it were the Russian state, I feel like it would most likely be a wiper since that seems to be their MO for these sorts of things. I suppose a DDoS is possible as well, just as a way to rattle the cage.
Overall, it seems like ransomware is the best fit for the evidence available.
https://www-therecord.recfut.com/montenegro-struggles-to-recover-from-cyberattack-that-officials-blame-on-russia/
-
-
@AntoanetaRoussi on the quarrel 👇 politico.eu/article/eu-and…
