Cyberattack on Romania Water Authority Disables IT Systems Across Nation, Critical Infrastructure Affected

Romania experienced a severe cybersecurity incident early on December 20 when Romanian Waters, the country's national water authority, was the target of a widespread ransomware attack. Nearly 1,000 computer systems nationwide were affected by the attack, including servers, offices, emails, and internal networks.The National Cyber Security Directorate, Romania's cyber watchdog, verified the intrusion and categorized it as a threat to critical infrastructure.

Romania's emergency regulations consider water management to be crucial for public safety. As a result, the attack constituted a national issue rather than only an IT failure. Authorities were forced to disseminate updates via social media and other communication channels after Romanian Waters' official website went down. While digital systems remained locked, employees inside the business resorted to radios and telephones to maintain vital water operations.

The ransomware swiftly moved from the central office to 10 of the 11 regional river basin administrations, according to investigators. Important systems were shut down, including Windows PCs, email servers, databases, and websites. The loss of access to geographic information systems, which are essential for environmental management, river monitoring, and flood planning, was one of the most significant effects.

The way the attack was executed is a noteworthy aspect of it. Attackers utilized BitLocker, a built-in Windows encryption feature, to lock systems instead of employing proprietary software. Because the software is legitimate, this made it more difficult to identify the attack. In accordance with national policy, Romanian officials declined to negotiate despite a ransom note demanding contact within seven days.

Additionally, officials attest to the safety of physical infrastructure, including flood control systems and dams. But the event revealed weaknesses in cyber readiness. Romanian Waters was not yet fully integrated into the nation's consolidated cyber defense system; this is currently being expedited.

This attack underscores an increasing risk on a global scale. Because water utilities rely so largely on digital infrastructure, ransomware groups find them to be appealing targets. The event in Romania is a stark reminder that, even in the absence of physical harm, cyberattacks on vital infrastructure can quickly interrupt vital public services.

Information referenced in this article is from The 420