Hacktivist Groups Target Romania Amid Geopolitical Tensions

Security researchers have observed increased geopolitical DDoS attacks against Romania.

The data comes from recent research conducted by ASERT, which also noted that these attacks span various industries and involve multiple hacktivist groups, including CyberDragon and the Cyber Army of Russia among others.

According to an advisory published today by the company, the attacks began escalating on June 2 2024, coinciding with Romania’s potential transfer of Patriot missiles to Ukraine. 

On that day, Romanian websites reportedly suffered 352 direct-path attacks. The number of attacks remained elevated throughout June, peaking at 1016 attacks on June 5.

Several groups have taken credit for the attacks, primarily targeting government entities with the banking sector being the second-most affected. 

The context for this escalation includes discussions between Romania and South Korea about expanding their defense cooperation, which may have further provoked these hacktivist activities. Romania’s involvement in arms exports to Europe, particularly in support of Ukraine, appears to be a significant factor.

Read more on the Russia-Ukraine conflict: Russian Sandworm Group Using Novel Backdoor to Target Ukraine and Allies

The intensity of these attacks is expected to continue, ASERT warned, especially following Romania’s agreement to send a Patriot missile system to Ukraine on June 20. This decision may further incite hacktivist groups, increasing the threat to Romanian websites and critical services.

To mitigate these threats, a robust DDoS protection solution is essential. Ensuring the continuous availability of crucial websites and services is vital as adversaries persist in their efforts to disrupt operations on political and religious grounds.