The Montenegro government has announced that the country is being hit with sophisticated and persistent cyberattacks that threaten the country’s essential infrastructure. These attacks were announced by several key ministers over Twitter and during a Montenegro National Security Council press briefing. Montenegro’s Defense Minister has publicly attributed these attacks as most likely being “directed by several Russian services.” Reported targets include electricity and water supply systems, transportation services, online portals that citizens use to access various state services, the official government website, and other government functions.
Attribution of even widespread cyberattacks can be difficult. However, the public announcement by Montenegro’s Defense Minister indicates there is a high degree of confidence in attributing the cyberattack to Russian state-sponsored activity. NATO members, primarily lead by France, have dispatched a mission to Montenegro to assist with the cyberattack. The US Embassy in Montenegro announced in a security alert that US citizens and organizations should be prepared for disruptions in utilities, telecommunications, and transportation (including border crossings and airport travel).
It is recommended that organizations everywhere review their disaster recovery plans, including actively testing designated business continuity infrastructure and backups. Politically, a cyberattack by a nation-state such as Russia may be utilized in order to accomplish a measured retaliation or demonstration of capability, and could critically disrupt the utility or logistics sectors.