The unprecedented cyber security attacks on governmental digital infrastructure in Montenegro made headlines in cyber news. However, authorities said that timely measures have been taken to mitigate its impact.

What happened?
The U.S. Embassy in Montenegro warned on its website that a persistent ransomware attack may have caused widespread disruption to public services and government services.
  • The latest cyber news was confirmed by Montenegro’s Agency for National Security (ANB). The agency revealed that government systems and other critical infrastructure and utilities including electricity, water systems, and transportation were impacted by the cyber security attacks. 
  • Several power plants were forced to switch operations manually as a result of the attack. 
  • However, officials claimed that no data was stolen in the attack.

Who is behind all this?
The officials claim that it is the work of Russian threat actors. 
  • Relations between the two countries have remained strained since Montenegro joined the NATO alliance of Western countries in 2017, after which Russia threatened retaliatory action.
  • Meanwhile, according to research group VX-Underground, the Cuba ransomware group has claimed the responsibility for the latest cyber security attacks against Montenegro’s government.
  • On its dark web leak sites, the group has shared documents containing financial details, correspondence with bank employees, balance sheets, tax income, and compensation source code of officials.

Final words
The attack on Montenegro comes just months after the Russia-linked Conti ransomware group attacked the Costa Rican government in April. The attackers had urged the citizens of Costa Rica to put pressure on their government to pay the ransom of $20 million. That’s not all. The ransomware group is also on the watchlist of US federal agencies. Last year, the FBI said that it had observed roughly 50 organizations targeted by the Cuba ransomware group.
Cyware Publisher