Cybercrime worsened in Romania and neighbouring countries, with arrests, false bomb threats, data breaches, and ransomware attacks highlighting the need for better security measures.
Romania cracks down on online violations
Romania has taken a strong stance against online violations with a series of arrests and convictions in recent months. Law enforcement agencies have been cracking down on individuals and organizations engaging in illegal activities, resulting in arrests and convictions.
A banner, reading ‘YOU KILL THEM !!!’, and a pair of children shoes were left by a protester at the entrance of the Interior Ministry building during a protest against the way Romanian authorities handled the kidnapping and killing of a 15-years old girl in the southern city of Caracal, in front of the Interior Ministry Headquarters, in Bucharest, Romania, 03 August 2019. Photo: EPA-EFE/ROBERT GHEMENT
Romania has seen a number of digital rights violations that led to arrests and convictions of perpetrators. A man accused of rape and child pornography was arrested in Gorj, southwest Romania, on December 17. According to the Directorate for Investigating Organized Crime and Corruption, the man raped a 15-year-old girl in March 2022. He also filmed the teen’s ordeal and shared the pornographic material with on Facebook.
On December 22, the Directorate for Investigating Organized Crime and Corruption dropped a child pornography probe based on a tip from the National Center for Missing & Exploited Children, NCMEC.
The US-based NGO had alerted Romanian authorities after detecting pornographic material involving a Romanian teen girl being shared on Instagram by an IP address in Alba County, in central Romania. The tip led prosecutors to a 15-year-old boy. He admitted guilt. However, prosecutors argued that the culprit had limited consent due to his youth.
In another incident, on December 31, Romanian authorities arrested influencers brothers Andrew and Tristan Tate in a human trafficking probe involving their video chat business in Bucharest.
Prosecutors at the Directorate for Investigating Organized Crime and Corruption identified six women who the Tate brothers on dating apps first contacted. Another man was arrested on January 12 for harassing and blackmailing his ex-girlfriend by publishing pornographic content about her on Facebook. The woman contacted the authorities, who intervened after the man destroyed the victim’s car.
Finally, on January 13, a court in Craiova, southwestern Romania, sentenced a man to eight months in prison and payment of 6,000 euros in moral damages to the three policemen he harassed on Facebook. Prosecutors said the suspect gathered information about one of the policemen and his relatives and then sent messages to public institutions containing embarrassing details about the man’s marriage. He also published the details on multiple fake accounts he set up on Facebook. The harassment started after one of the victims punished a colleague, who was discovered passing confidential information on police investigations to the suspect.
False bomb threats spread fear
In the second half of December, there were a number of incidents where false bomb threats were sent through social media and other forms of technology. Several incidents were recorded in Hungary, North Macedonia, and Bosnia and Herzegovina where false bomb threats were made through technology, leading to the spread of fear and misinformation through social networks.
An outside view of the new office building of Raiffeisen Bank in Sarajevo, 16 April 2009. Photo: EPA/FEHIM DEMIR
On December 16, 2020, in Hungary, an individual posted a comment on an event page on a social networking site stating; “There will be a pipe bomb under some chairs.” Police were able to track down and arrest the person responsible. This incident not only caused fear among those who saw the comment but diverted a significant amount of resources from police to investigate and prevent any potential harm.
Similarly, on December 17, 2020, in North Macedonia, a 63-year-old resident of Tetovo was arrested for making false bomb threats in the town of Delchevo. The individual said by phone that he had planted bombs in several locations but was quickly caught by the police. He faces a criminal charge of terrorism and a minimum sentence of eight years in prison if found guilty.
On December 19, 2020, in Bosnia, Raiffeisen bank branches in the Sarajevo area received threats of planted bombs, leading to the evacuation of all staff for security reasons. The bank informed the authorities and resumed operations after the premises were inspected. This incident not only disrupted the operations of the bank but also instilled fear among employees and customers.
These digital rights violations demonstrate the dangerous potential of technology when used irresponsibly. Using social media and other forms of technology to make false bomb threats is a crime that can lead to severe punishment and harms individuals, communities and institutions. These events highlight the importance of responsible use of technology and the need for effective measures to prevent such incidents from occurring in the future.
Serbia and Romania Hit by Cyberattacks, Data Breaches and Ransomware Attacks
In December and January, Serbia and Romania were hit by a series of cyberattacks, resulting in data breaches and ransomware infections. On December 12, the personal data of thousands of users of a popular Serbian tech forum were leaked online. On January 3, a Romanian hospital was targeted by hackers, losing access to a database of patients’ personal information and suffering a ransomware attack.
A Romanian man passes in front of a shop window of an Orange store that displays a huge 5G advertise banner, in Bucharest, Romania, 19 October 2020. Photo: EPA-EFE/ROBERT GHEMENT
On December 12, a major data breach occurred at Benchmark, a popular Serbian tech forum, when the personal data of over 90,000 users was leaked online. The dataset included sensitive information such as usernames, email addresses, and IP addresses. The incident caused widespread concern among the forum’s users, many of whom were worried about the potential misuse of their personal information. The forum launched an investigation and issued a statement apologizing for the breach and assuring users that they were taking steps to prevent such incidents.
On January 3, a cyber-attack targeted the Botosani Rehabilitation Hospital in northeast Romania. Hackers gained access to the hospital’s servers using the computer of an IT contractor and infected them with Phobos ransomware. As a result, the hospital lost access to a database containing the personal information of patients. The attack also had a major impact on the hospital’s operations, as it was unable to get its invoices paid by the National Health Insurance for the last month of 2022, causing financial strain. The hospital reported the incident to the authorities and launched an investigation to identify the attackers.