WannaCry ransomware virus affects over 320 public IP addresses in Romania
More than 320 public IP addresses in ROmania were affected by the WannaCry ransomware virus, with most of them being in Bucharest (94) and Iasi (38), according to data from the Romanian National Computer Security Incident Response Team CERT-RO.
Among the affected systems associated with these IP addresses, there are companies active in the energy, transport, telecom and car sectors, as well as six public institutions. Romania’s biggest carmaker Dacia was among those affected by this cyber-attack.
CERT-RO said in a statement that it assigned a team to monitor the evolution of the WannaCry campaign in Romania from the moment the first signs of the phenomenon were recorded worldwide, namely the afternoon of May 12.
However, in the absence of national legislation providing for mandatory reporting of security incidents, “CERT-RO can’t make an accurate assessment of the number of affected organizations and household users, and the impact.” Thus, it collected and processed a series of relevant information coming from sources such as the logs of connections made by computer systems exploited with sinkhole servers made up of partner organizations and researchers, notifications received from organizations and users affected by the attack, and information provided by partner organizations of CERT-RO.
Based on these data, CERT-RO found that some 326 public IP addresses in Romania were affected by the WannaCry ransomware virus. So far, CERT-RO has received three notifications of incidents resulted from the WannaCry attack, namely two from public institutions and one from a private company.
The recent WannaCry ransomware attack spread to more than 150 countries, affecting organizations active in healthcare, energy, transport, finance, and telecom sectors. According to Russian antivirus producer Kaspersky, Romania was among the ten most affected countries in the WannaCry cyber-attack.
Romanian prosecutors from the Directorate for Investigating Organized Crime and Terrorism (DIICOT) have opened a criminal investigation in rem (of the facts) for crimes against the security and integrity of computer systems and data, following the recent international cyber-attack.
Bitdefender: Recent WannaCry attack is only the first in a series of similar ones
Irina Popescu, irina.popescu@romania-insider.com