- Pro
- Security
An unknown threat actor wreaked some serious havoc across Romania
When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
(Image credit: sarayut Thaneerat/ via Getty Images)
Share
Share by:
- Copy link
- X
- Threads
- Romania’s ANAR hit by ransomware, affecting around 1,000 systems across river basin organizations
- Attackers used Windows BitLocker; ransom note left, negotiations discouraged by DNSC
- Hydrotechnical operations continue; website offline, updates shared via DNSC’s X account
Administrația Națională Apele Române (ANAR), Romania’s national public authority responsible for managing the country’s water resources, has confirmed suffering a rather disruptive ransomware attack.
As per the announcement, on December 20, an unidentified threat actor struck its geographical information system applications servers, database servers, Windows workstations, Windows Servers, email and web servers, and domain name servers. The attack then trickled down to almost all of the country’s river basin management organizations, further complicating things.
In total, around 1,000 systems are currently affected, The Register claims. It still provides its service to the Romanians, it was said, with hydrotechnical operations continuing as normal, thanks to on-site staff.
You may like-
Experts warn UK's basic infrastructure at risk after hackers target drinking water suppliers
-
Sweden power grid confirms cyberattack, ransomware suspected
-
Pro-Russian hackers tricked into attacking decoy target
BitLocker used
ANAR is a state-owned public institution operating under Romania’s Ministry of Environment. It manages surface and groundwater resources, oversees dams, reservoirs, and flood defense infrastructure, and monitors water quality nationwide. The agency is also pivotal in flood prevention, drought mitigation, and compliance with EU water directives.
At press time, the organization’s website remains offline as well, so official news is being distributed via alternative channels, including the X account of the Romanian National Cyber Security Directorate (DNSC).
Romanian Waters did not say who the threat actors are, or how they managed to cause such a large incident. It did say that this was a ransomware attack, since many files were encrypted, and a ransom note was left. The company was apparently given a week to begin negotiations.
DNSC claims the threat actors used Windows BitLocker to encrypt files, hinting that this was not the doing of a prolific hacking group.
Are you a pro? Subscribe to our newsletterContact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over."We reiterate that DNSC's strict policy and recommendation towards all victims of ransomware attacks is to neither contact nor negotiate with cyberattackers, to avoid encouraging or financing the cybercrime phenomenon," the agency stressed.
"We recommend avoiding contacting the IT&C teams of the National Administration 'Romanian Waters' or ones of the river basin administrations, so they can focus on restoring the impacted IT services.”
The best antivirus for all budgetsOur top picks, based on real-world testing and comparisons➡️ Read our full guide to the best antivirus1. Best overall:Bitdefender Total Security2. Best for families:Norton 360 with LifeLock3. Best for mobile:McAfee Mobile Security
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
Sead FadilpašićSocial Links NavigationSead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
Show More CommentsYou must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
Logout Read more
Experts warn UK's basic infrastructure at risk after hackers target drinking water suppliers
Sweden power grid confirms cyberattack, ransomware suspected
Pro-Russian hackers tricked into attacking decoy target
Top infostealer disrupted after criminals lose server access
Emergency alert systems across US disrupted following OnSolve CodeRED cyberattack
Asahi stops pouring after cyberattack stops production
Latest in Security
Nissan says Red Hat breach affected thousands of customers
Phishing emails and fake adverts flood inboxes this Christmas - and they’re getting harder to detect than ever
NordProtect adds fraud monitoring tool to help protect users from scams
University of Phoenix data breach may have hit over 3.5 million victims - here's what we know
HPE tells customers to patch OneView immediately as top-level security flaw spotted
Motherboards from Gigabyte, MSI, ASUS, ASRock at risk from new UEFI flaw attack - here's what we know
Latest in News
Marvel Rivals studio teases a big year ahead for the game — 'We're not going to slow down'
DDR5 RAM kit from Corsair was reportedly swapped for dummy RGB modules
Dyson Spot+Scrub Ai robot vacuum first impressions: redemption?
Surfshark expands dedicated IP to Linux in its latest desktop update
‘It’s good to have limitations’: Clair Obscur: Expedition 33's creative director says Sandfall Interactive's next game won’t on a bigger scale despite huge success
Avengers: Doomsday's first trailer is now online officially
LATEST ARTICLES- 1I've reviewed over a dozen coffee makers this year, and these are my 3 favorites from 2025
- 2RAM buyers beware — expensive high-end memory kit from Corsair was reportedly swapped for dummy RGB lighting modules
- 3These are the 6 best Christmas films of all-time according to you, the TechRadar audience
- 4Marvel Rivals studio teases a big year ahead for the game — 'We're not going to slow down'
- 5Nvidia is reportedly reshuffling its cloud efforts to better combat growing competition