Ransomware Attack Spreads to Romania

At least three multinational companies in Romania have been affected by the massive cyberattack that has hit institutions, companies and banks in Russia, Ukraine, Denmark, the UK and even the United States - and which continued to spread on Wednesday into Asia.

The ransomware GoldenEye cyber-attack started in Ukraine on Tuesday, targeting the power grid, airport, national bank, communications firms and even the Chernobyl radiation monitoring system, taking over the computers, encrypting user data and then demanding ransoms in order to allow access again.

Romanian cybersecurity experts said Romania was far less affected than Ukraine. Intelligence Spokesman Ovidiu Marincea on Wednesday said none of the 54 state institutions protected by the national IT&C protection system had been affected.

However, he said, that system only covers state institutions, not private companies.

Romanian cybersecurity company Bitdefender on Tuesday said the new ransomware attack exploits the same vulnerability in the Windows operation system developed by the US National Security Agency, NSA, which has been stolen by hackers and then used in cyber-attacks such as WannaCry and Adylkuzz mid-May, which affected 150 countries.

Romanian companies were also hit by the WannaCry ransomware attack in May, with car manufacturer Dacia-Renault among those affected.

A few days before, the Foreign Ministry reportedly foiled a phishing attack using an e-mail from a NATO official.

After the two attacks, the SRI organized Romania's largest national cyber-attack exercise with 60 companies and state institutions participating.

In mid-March 2017, Microsoft developed a patch that blocks ransomware from exploiting the vulnerability, but a large number of...

Continue reading on: