- About Us
We 365 Admin Support, just simplify your IT problems
Call for a free support. +91 96666 59505Platform Partnership
The Romanian water management agency, Romanian Waters (Administrația Națională Apele Române), experienced a ransomware attack over the weekend.
According to officials from the National Cyber Security Directorate (DNSC), around 1,000 computer systems at the national water authority and 10 out of its 11 regional offices were impacted by this incident.
The breach affected servers that host geographic information systems, databases, email, web services, as well as Windows workstations and domain name servers. However, systems controlling the nation’s water infrastructure, known as operational technology (OT) systems, were not affected.
Investigators from various Romanian security agencies, including the Romanian Intelligence Service’s National Cyberint Center, are looking into the situation and taking steps to limit its impact. They discovered that the attackers utilized Windows’ built-in BitLocker feature to encrypt files on the compromised systems and left a ransom note requesting contact within a week.
“The National Administration of Romanian Waters has clarified that the operation of hydrotechnical assets is managed solely through dispatch centers using voice communication. All hydrotechnical constructions remain safe and are operated on-site by personnel while being coordinated by dispatch centers,” the DNSC reported in a Sunday advisory.
Although the country’s national cybersecurity framework for critical IT infrastructure did not provide protection prior to the attack, authorities are moving to incorporate it into the National Cyberint Center’s protective measures.
As of Sunday, officials noted that the attack vector remains unidentified, and activities of the national water authority are continuing unhindered.
“The dispatching and management of hydrotechnical structures are functioning under normal conditions, utilizing telephone and radio communications. Hydrotechnical structures remain safe, with local personnel managing operations and coordinated by dispatchers. Activities related to forecasting and flood protection have not been impacted,” the DNSC stated in a follow-up on Monday.
No ransomware group or state-sponsored threat actor has claimed responsibility for the attack thus far, and the Romanian Waters agency has yet to assign blame. This incident comes in the wake of Danish intelligence accusing Russia of executing a cyber assault on a water utility in 2024.
In early December, the FBI, NSA, European Cybercrime Centre (EC3), and various global cybersecurity agencies warned that pro-Russia hacktivist groups, including Z-Pentest, Sector16, NoName, and CARR (Cyber Army of Russia Reborn), have been targeting critical infrastructure worldwide.
This ransomware attack is the latest in a series of significant incidents impacting Romania’s infrastructure. The Electrica Group, a key Romanian electricity supplier, was also hit by the Lynx ransomware gang about a year ago, while more than 100 hospitals were forced to take their systems offline following a Backmydata ransomware attack that disrupted healthcare management in February 2024.
Broken IAM isn’t just an IT problem – the impact ripples across your whole business.
This practical guide covers why traditional IAM practices fail to keep up with modern demands, examples of what “good” IAM looks like, and a simple checklist for building a scalable strategy.
