Cyber assaults predominantly focus on Romania's health and energy sectors, according to the DNSC's statement
In 2024, Romania faced a surge of significant cyber threats, with the health sector, public administration, and energy industry being the most targeted, according to the DNSC's activity report. Notable incidents included ransomware, DDoS attacks, data exfiltration, and brute-force attacks, with Russian-origin IP addresses frequently involved.
The energy sector, particularly operational technology, was under attack, with complex incidents like those on DEER (2024) and Rompetrol (2022) being reported. The public administration sector also faced infrastructure-targeted attacks, with entities such as Bucharest City Hall, the Bucharest Transport Company, the Romanian Railway Authority, and the University of Bucharest being targeted.
The health sector, while not detailing specific attack types, was included in the critical sectors frequently targeted. The DNSC detected and handled 101 ransomware incidents alone, reflecting a persistent and serious challenge.
Challenges reported by the DNSC include managing a rising number of cyber incidents, the need for a functional cybersecurity services market, and the evolving legal and regulatory environment. The increasing complexity of cyber attacks, the lack of specialized personnel, particularly for incident response, and the low level of awareness among the general public and limited interest of management regarding cyber threats contribute to existing vulnerabilities.
In response, the DNSC provided intervention and support to affected institutions during the numerous cyber incidents in 2024. The Directorate also collaborated with the private sector and technology providers, exemplified by its partnership with ENEVO Group, validating cybersecurity solutions like SentryOT, specifically aimed at energy sector infrastructures.
Regional cooperation plans were also initiated, with the DNSC engaging in trilateral working meetings with the Republic of Moldova and Ukraine to create a cybersecurity alliance focused on countering Russian hacker threats.
The DNSC's 2024 activity report underscores an increasingly complex threat landscape, emphasizing enhanced capacity building, public-private collaboration, advanced technology adoption, and regulatory compliance to strengthen Romania’s cyber defense across critical sectors.
- The health-and-wellness sector, often identified as a critical target, faced a myriad of cyber attacks in Romania, with the DNSC reporting 101 ransomware incidents alone in 2024.
- In the energy sector, complex incidents like the DEER (2024) and Rompetrol (2022) attacks were reported, highlighting the need for advanced technology adoption and robust cybersecurity solutions.
- The Directorate for Investigating and Combatting Cybercrime (DNSC) collaborated with the private sector and technology providers, such as ENEVO Group, to validate cybersecurity solutions specifically designed for energy sector infrastructures.
- Recognizing the increasing complexity of cyber threats, the DNSC initiates regional cooperation plans, engaging in trilateral working meetings with the Republic of Moldova and Ukraine to form a cybersecurity alliance focused on countering Russian hacker threats, emphasizing the importance of international support in strengthening Romania's cyber defenses.
