Major cyber attacks carried out between June and August 2018

18 August 2018

The Romanian Intelligence Service, via its specialized cyber intelligence unit - the National Cyberint Center (NCC) - has reliable data and information, including technical data, according to which a number of financial institutions in Romania were targeted by major cyber attacks in the period between June and August of this year.

More recently other partner organizations of the Service have also identified in their own countries an increasing risk of imminent cyber attacks targeted at several financial systems worldwide.

According to NCC's analysis, the hackers use various attack methods, including Cobalt Strike tools, which are associated with a cyber crime group of Eastern origin.

One of the methods used by the attackers consists in withdrawing certain amounts of money, by removing the limits set on withdrawals from certain bank accounts.

The National Cyberint Center has been monitoring for some time the activities carried out by the Cobalt Group.

Thousands of cyber attacks take place daily, targeting institutions, entities and individuals in cyberspace and the attacks against financial organizations have been on the rise over the past years. 

The attackers use APT-type techniques (Advanced Persistent Threat) to gain access to IT systems and they subsequently find ways to exploit the accessed information.

Given the complexity of these cyber attacks, the Service has already granted support to a number of financial institutions in order to assess, identify and counter the potential effects of such attacks.

The Romanian Intelligence Service provides financial organizations with its expertise in the field of cyber infrastructure protection.

Any requests for support can be sent to the email address [email protected].