Meagre Resources Leave Montenegro Exposed to Cyber Threats

Perpetrator still unknown

The attacks of August 22 last year compromised a string of public services, including the websites of the government and the Revenue and Customs Administration.

According to the Ministry of Public Administration, 17 "information systems" in 10 institutions were infected, with 150 computer directly affected.

Four days later, the National Security Agency told reporters that Russia was to blame, but offered no evidence. Then, Public Administration Marash Dukaj told Montenegro's public broadcaster that it was in fact the work of a cybercriminal extortion group by the name of Cuba Ransomware.

Cuba Ransomware group posted it hacked Montenegrin Parliament data. Photo: Printscreen/securityweek.com

"This group has created a special virus for this attack, a virus that cannot be created in a month, and perhaps not even in a year," Dukaj said at the time. "These attacks were planned over a lengthy period of time; the very creation of the virus cost about $10 million and it has not been used anywhere so far."

What is Cuba Ransomware?

Cuba Ransomware is recognised as a major hacker group, collecting more than $60 million in ransom since 2019.

However, the US Cybersecurity and Infrastructure Security Agency, CISA, says "there is no indication Cuba Ransomware actors have any connection or affiliation with the Republic of Cuba."

More than six months later, the National Security Council announced that, "given the specific nature and complexity" of the attack, it had been unable to determine exactly who was the perpetrator, despite the assistance of the FBI in the United States and the French National Cybersecurity Agency, ANSSI.

Bulatovic said the confusion only reinforced a...