More than three weeks after massive cyberattacks on government servers, public administration systems continue to operate offline
Montenegro’s Ministry of Public Administration on Friday said the country’s administration will continue to function offline, as the government servers are still at risk of more cyber-attacks.
The digital infrastructure of a major part of Montenegro’s public administration has been offline since August 26, following an unprecedented series of ransomware attacks on government servers.
“Certain workstations are compromised, so the system must stay offline before the entire network is safe. We must be sure that the network and all devices are clean so that attacks don’t happen again,” the ministry told BIRN.
Government servers were hit with ransomware, a type of malware attack in which the attacker locks and encrypts the target’s data and important files and then demands a payment to unlock and decrypt the data.
After the second cyber-attack, on August 26, certain services were switched off temporarily for security reasons, causing problems in the functioning of the public administration. On September 1, the FBI sent a team to assist in the investigation.
The head of the state Cyber Security Service, Dusan Polovic, said on September 15 that the system could go online again in the next few weeks, stressing that the systems have a backup copy, which means that the data are saved.
“Some of the workstations are encrypted, so we are not sure if those computers will be used again. Therefore, we have a backup system, so in that sense, we should not suffer any damage,” Polovic told Radio Free Europe.
After the cyber-attacks on August 26, the Agency for National Security, ANB, accused Russian services of organizing them.
But on September 1 Russia’s Foreign Ministry dismissed the claims as part of a “continuous policy of dismantling relations with Moscow in order to please the United States”.
On August 31, Public Administration Minister Marash Dukaj blamed the known ransomware extortion specialists Cuba Ransomware for the attack. The group has claimed responsibility for the attack. Dukaj said the group had created a special virus for this attack, costing about 10 million US dollars, which has not been used anywhere so far.