Montenegro Accuses Cuba Ransomware of Being Responsible For Hacking Into Its Government's Digital Infrastructure

JAKARTA - Montenegro on Wednesday, August 31 blamed a criminal group called Cuba ransomware for a cyberattack that has hit its government's digital infrastructure since last week. This cyberattack was described by state officials as unprecedented or extraordinary.

The Minister of Public Administration, Maras Funeralj, told state television the group had created a special virus for an attack called Zerodate, with 150 workstations in the country's 10 infected institutions.

The government's internet site has even been shut down since the attack. Montenegro's National Security Agency (ANB) has also linked the attack to Russian entities, although the data theft rate is unclear.

"We have received official confirmation, it can also be found on the dark web where documents hacked from our computer system will be published," said Funeral, as quoted by Reuters.

The Montenegro government itself has not received a ransom request for compromised material.

On its dark web leak site, as seen by Reuters, Cuban ransomware group claimed responsibility for the attack, saying it had obtained "financial documents, correspondence with bank employees, account transfers, balance sheets, tax documents," from the parliament of Montenegro on August 25. 19.

Parliament, which is not in the government's computer system, denied the theft of data, saying that after a period when data was inaccessible on August 20-21, the system was fully recovered and operational. "The data claimed to have been obtained by the group is actually available to the public on the web portal," said Parliament Speaker Montenegro.

Also on Wednesday, the Ministry of Home Affairs of Montenegro said the US Federal Bureau of Investigation (FBI) would send a Cyber Action Team to Montenegro to help investigate the attack.

Government officials have confirmed that ANB suspected that Russia was behind the attack, saying it could be revenge after NATO members such as Montenegro joined the EU's sanctions program against Russia and expelled several Russian diplomats.

The hackers also attacked the country's digital infrastructure in Montenegro on election day 2016, and once again during a span of several months in 2017 when the former republic was due to join NATO.

Interestingly, a hacking attack involving a country has recently become increasingly widespread. It can even be called a cyber war between countries that forces all parties to be more careful with this cyber war.