The U.S. Embassy in Montenegro has warned Americans that an ongoing ransomware attack in the country may cause widespread disruption to key public and government services.
The ransomware attack, first confirmed by Montenegro's Agency for National Security (ANB) last week, targeted government systems and other critical infrastructure and utilities, including electricity, water systems and transportation. At the time of writing, the official website of the government of Montenegro is unavailable, and reports suggest that several power plants have switched to manual operations because of the attack.
Officials in Montenegro claimed that no data was stolen and that no permanent damage was done as a result of the attack.
However, Montenegro's ANB declared that the country was "under a hybrid war," and blamed "coordinated Russian services" for the attack. Relations between the two countries have remained strained since Montenegro joined the NATO alliance of Western countries in 2017, after which Russia threatened retaliatory action.
The U.S. Embassy in Montenegro has since published its own notice, writing that the government was facing a "persistent and ongoing" cyberattack. "The attack may include disruptions to the public utility, transportation (including border crossings and airport), and telecommunication sectors," the Embassy warned. It advised citizens living in the Balkan state to limit travel, review personal security plans, and "be aware of your surroundings."
According to malware research group VX-Underground, the Cuba ransomware group claimed responsibility for the attack.
On its dark web leak site, seen by DailyTech, the Cuba ransomware group claims it obtained "financial documents, correspondence with bank employees, account movements, balance sheets, tax documents, compensation [and] source code" from Montenegro's parliament on August 19.
Montenegro has been without a prime minister since August 20, when the country's parliament voted to pass a no-confidence motion in the ruling government.
Cybersecurity firm Profero previously linked the Cuba ransomware group to Russian-speaking hackers, which researchers observed while the group negotiated with its victims. Profero said it believes the group is "not state-sponsored."
The ransomware gang has been around since 2019, and last year the FBI issued an alert warning organizations that the cybercriminals were targeting critical infrastructure. The FBI said it had observed roughly 50 targeted entities and that the hackers demanded tens of millions of dollars from victims.
The attack on Montenegro comes just months after the Russia-linked Conti ransomware group attacked the Costa Rican government in a weeks-long attack beginning in April. In a message posted to its dark web leaks blog, Conti urged the citizens of Costa Rica to pressure their government to pay the ransom, which the group later doubled to $20 million.