Russian Hacktivists Target Romanian Government Websites with DDoS Attacks

On April 30, 2022, Romanian cybersecurity experts from the National Cyber Security and Incident Response Team (DNSC) reported that Russian hacktivists from the Killnet group launched DDoS attacks against major government websites in Romania. Killnet representatives claimed responsibility for these incidents in their Telegram channel.

The DDoS attacks were reportedly organized in response to a statement by Marcel Ciolacu, the Speaker of the Romanian Parliament, who promised Ukraine’s authorities “maximum support” regarding the supply of lethal weapons.

Details of the Attacks

According to DNSC, the following websites were targeted by the hackers:

• gov.ro – Official website of the Romanian government
• mapn.ro – Official website of the Romanian Ministry of Defense
• politiadefrontiera.ro – Official website of the Romanian Border Police
• cfrcalatori.ro – Official website of the Romanian National Railway Company
• otpbank.ro – Romanian-language website of OTP Bank

Romanian intelligence services reported that the DDoS attacks began at 4:00 AM local time and originated from compromised network equipment located outside the country. The attacks lasted several hours, but by around 11:00 AM, the affected websites were operational again.

Background on Killnet’s Activities

Previously, Killnet has carried out similar DDoS attacks on various resources in the United States, Czech Republic, Estonia, Germany, and Poland. These attacks have been driven by political motives, with the group demanding an end to the supply of weapons and military equipment to Ukraine.