Cyberfraud in Romania up over 40pct in 2024, malware attacks up 286.8pct (official report)
Cyberfraud reported in Romania in 2024 increased by 40.2% year-on-year, in line with global and European Union (EU) trends, while malware attacks surged by 286.8%, according to the 2024 Annual Report of Romania's National Cyber Security Directorate (DNSC) released on Wednesday at a news conference.
According to the document, as far as cyberfraud is concerned, its increase is a consequence of increasingly aggressive and innovative techniques, tactics and protocols of criminals, correlated with a surge in attacks using telephone spoofing techniques and financial investment schemes, which exploit the trust of victims through false financial opportunities aggressively promoted. Also, the increase in the number of frauds reported to DNSC is also influenced by the DNSC messages and actions in the public space, encouraging their reporting to the authorities.
In terms of malware, the report reveals a surge by 286.8% in 2024 from 2023, while the number of compromised applications followed an upward trend (+125%).
'This trend shows a significant and worrying development in the capabilities and expertise of cyber attackers, who have become very prolific in creating new varieties of malware, with an estimated 500,000 pieces of malware being generated daily. It is also a clear indication of the attackers' intention to exploit vulnerabilities in the supply chain with the applications they produce. Also, the trend indicates the need to use antimalware solutions as a priority,' the DNSC report mentions.
Bruteforce (+30.3%) and Compromised Account (+21%) were the two types of cyber attacks that grew in use. Specialists argue that the trend can be explained by an increase in the number of automated attacks, and also by the poor implementation of multi-factor authentication at the user level, corroborated with a proliferation of standard user activity on a significantly increased number of platforms and applications, with the re-use of user precautions.
On the other hand, phishing attacks decreased by 21%, year-on-year. The decline is mainly due to the success of user education campaigns, but also to the steps taken by DNSC for the large-scale implementation by organisations of email server security measures (SPF/DKIM/DMARC).
Also, a 27.8% decrease was reported in infected IPs, which may reflect better protection at the network level and the adoption of more advanced security solutions by organisations.
Other decreases were reported in website defacements (-45.8%) and DDoS (-38.5%) attacks, respectively. 'These decreases indicate an improvement in server monitoring and protection against volumetric attacks nationwide, with public and private sector organisations increasingly adopting cybersecurity services and solutions,' the report said.
In 2024, DNSC intervened to support players impacted by a series of cyberattacks and cyberincidents in: energy (Rompetrol and Mol Romania); banking (Alpha Bank, Banca Transilvania, Banca Comerciala Romana, Creditcoop, Exim Bank, Edificium, Banca Nationala a Romaniei, Banca Romana de Credite si Investitii, Bucharest Stock Exchange and the Bank Deposit Guarantee Fund; digital infrastructure/telecommunications (Orange, Telekom and GTS); transport (National Railway Company - CFR, National Road Infrastructure Management Company - CNAIR, Bucharest National Airports Company, Port of Constanta, Astra Trans Carpatica Feroviar, Baneasa Airport and Metrorex); and central and local public administration (Romanian Government, Special Telecommunications Service, National Directorate of Cyber Security, Ministry of Internal Affairs, the Romanian Senate, the Ministry of Foreign Affairs, the Ministry of Public Works Development and Administration, the Ministry of Tourism and the Bucharest City Hall).
Other attacks reported during the past year targeted websites, including, but not limited to, the official pages of some political parties - e.g. Alliance for the Union of Romanians, encryption and sensitive data exfiltration, such as the exfiltration of data from the Chamber of Deputies, bruteforce attacks, for example attacks that targeted the infrastructures of the Bucharest City Hall, Bucharest Transport Company, Romanian Railway Authority, University of Bucharest, based on source IPs hosted in Russia.
At the same time, the ransomware phenomenon is one of the most persistent and serious, with 101 such incidents detected and managed in 2024 by DNSC. Among them was a cyberattack of the Romanian Soft Company - the developer of the Hipocrates platform, which offers internal flow services to hospital units. Following the attack, 26 hospitals were directly targeted, being unable to carry out their business for about a week.
In addition, other ransomware attacks targeted companies of the Electrica S.A. group, with a major impact on the public services offered by Electrica Furnizare S.A. and Distributie Energie Electrică Romania S.A., with the consequence of affecting a number of over 800 servers and 4,000 workstations located at the Bucharest, Ploiesti, Brasov and Cluj branches; the City Hall of Timisoara as well as institutions under their authority (the Tax Directorate of the City of Timisoara and the Timisoara General Local Police Directorate), with approximately 112 systems affected; infrastructure of the project 'National Management System on Disability' for the National Authority for the Protection of the Rights of Persons with Disabilities (ANPDPD); the Bucharest District 5 City Hall, which had a major impact on the services made available to the public, affecting the Domain Controller servers, the Local Police telephone exchange and workstations.
The 2024 DNSC activity report was recently approved by the Supreme Council for National Defence (CSAT). AGERPRES (RO - editing by: Daniel Badea; EN - writing by: Corneliu-Aurelian Colceriu)
The content of the www.agerpres.ro website has the exclusive purpose of public informing.
All the information published on this website by AGERPRES is protected by relevant legal dispositions.
It is forbidden to copy, reproduce, recompile, decompile, distribute, publish, display, modify, create derived components or products or full services, as well as any exploitation of the site's content.
Details in the section Terms of Use. If you are interested in picking up AGERPRES news items, please contact the Marketing Department – marketing@agerpres.ro.
The use of the Comments section entails your obligation to respect the AGERPRES terms and conditions in regards to the publishing of comments on the www.agerpres.ro.
Other news in category
President Dan: Black Sea threat research, recognition missions to increase this summer
President Nicusor Dan on Saturday said that Romania's Defence Ministry (MApN) and the Ministry of Internal Affairs (MIA) will intensify, during the summer, the threat research and recognition missions so that the Romanian seaside is safe. He said, at the end of a working session in which the incident caused by Ukrainian sea drones that exploded in the port
President Dan says sea drone self-destructed in Constanta is new technology
President Nicusor Dan says that the Ukrainian sea drone that exploded on Friday in the Romanian Black Sea port of Constanta could not be intercepted as a result of the lack of equipment capable of detecting such threats. He said on Saturday, at the end of a working session in which the incident caused by the Ukrainian sea drones that exploded in the port of Co
Professor Mazzoni at Bookfest: I see an admirable effervescence in Romanian culture and literature
Professor Bruno Mazzoni, one of the greatest supporters of Romanian literature in Italy, said on Saturday that Romanian literature is witnessing an 'admirable effervescence', noting the very large number of translations of Romanian writers that appear abroad. 'I see an admirable effervescence in Romanian culture and literature, because, even after
#NadiaYear/ Nadia Comaneci kicks off Olympic Day National Cross
Retired legendary gymnast Nadia Comaneci on Saturday kicked off the Olympic Day National Cross, a competition organised by the Romanian Olympic Committee, through the Romanian Olympic Academy, as part of the Nadia Comaneci Year events, near the Arch of Triumph in Bucharest. The 39th edition of this event was attended by several thousand runners, in several age
Constanta drone explosion/SCOMAR is maritime surveillance system, not military anti-drone system (Interior Ministry)
Bucharest, June 5 /Agerpres/ - The Ministry of Internal Affairs (MAI) reports that the SCOMAR system was developed for maritime surveillance by the Coast Guard and is not a single radar or a military anti-drone system, and the unmanned maritime drone involved in Friday's incident in the Port of Constanta has other characteristics, different from the profile of the boats
Constanta drone explosion/Nicusor Dan says Ukraine warned Romania in time before drone self-detonated
Ukrainian authorities notified Romania before the drone that drifted toward the Black Sea shore self-detonated, and all people in the area had already been evacuated at that moment, President Nicusor Dan said Friday at a press conference after attending the EU - Western Balkans Summit in Montenegro. He said he would hold discussions on Saturday with the instit
FEATURE STORY/ Castles Fair showcases leading museums and cultural institutions
Some of Romania's most important museums and cultural institutions are represented at this year's edition of the Castles Fair, held Friday and Saturday at Corvin Castle in Hunedoara, an event aimed at promoting significant historic monuments open to the public. This year's edition is organised under the banner 'The Year of Iancu de Hunedoara: H
MEP Siegfried Muresan: Russia is using hybrid aggression in Romania just as it did in Republic of Moldova
Russia is 'trying to intimidate Romania' and 'we are seeing drones sent by Russia or jammed by Russia precisely to fuel pressure for a rapid vote on a government, even if it is a weak one,' PNL MEP Siegfried Muresan wrote Friday on Facebook, after the explosion in Constanta Port of a Ukrainian maritime drone that, according to the Ukrainian Navy, veered off c
PM-designate Eugen Tomac urges greater vigilance, responsibility from institutions as security risks multiply
Prime minister-designate Eugen Tomac said on Friday that it is essential for state institutions to raise their vigilance alongside greater accountability from decision-makers, as security incidents are becoming more frequent. 'We are going through a period in which security incidents are starting to multiply. Naturally, they fuel a sense of uncertainty in
Constanta drone explosion/Ukraine says Navy drone was jammed; cooperation with Romania prevented casualties
The maritime drone that exploded Friday in the Civil Port of Constanta was a Ukrainian device that went out of control after being jammed by Russian electronic-warfare systems, the Ukrainian Navy said, as cited by Reuters and AFP. As a result of the jamming, the drone veered off course and drifted toward the Romanian coast, the Navy added in the same statement
Drone explosion/Nicusor Dan: Ukrainian forces lost control as a result of actions taken by Russia
The naval drone that exploded on Friday morning in the Port of Constanta was part, along with other similar means of combat, of a military operation led by Ukraine against Russian aggression, and Ukrainian forces lost control as a result of electronic warfare actions undertaken by Russia, President Nicusor Dan said on X on Friday. According to the head of stat
Drone exploded in Constanta/AUR: National security is not defended through sterile explanations, but through competence
Drone exploded in Constanta/AUR: National security is not defended through sterile explanations, but through competence 'After years of being told that Romania is prepared for any scenario, we find every week that the authorities are taken by surprise by each incident. Romania has reached an alarming situation. Just a few days after the Galati incident, we
Ursula von der Leyen expresses solidarity with Romania after new drone incident
European Commission President Ursula von der Leyen expressed solidarity with Romania following Friday's incident in the Constanta Port, where a drone crashed and exploded. 'Solidaritate cu Romania! (Solidarity with Romania),' Ursula von der Leyen said in Romanian, in a post on the X social media platform. 'One week after a drone
FITS 2026: 38 theatre, music, dance and circus performances to be available online
The Sibiu International Theatre Festival (FITS) announced on Friday that it will make 38 performances available to audiences in Romania and abroad for online viewing during this year's edition through the FITSonline platform. According to a press release from the organisers, access to each online performance is available through a ticket priced at 30 lei,
Drone explosion/ Industrial hall in maritime port destroyed by blast wave
An industrial hall in the area of berth 78 in the Constanta Port has been destroyed after a maritime drone exploded on Friday in the port. Sources in the maritime port told AGERPRES that the blast tore off parts of a hall belonging to a commercial company. Port workers also said that the authorities remain mobilised, as three other maritime dron