Romanian Intelligence Service Cyber Threats Presentation

The following presentation was given at a Hungarian cybersecurity conference in September 2013 by members of Romania’s domestic intelligence service Serviciul Român de Informaţii.


  • 13 pages
  • September 2013



Cyber attacks are included in the offensive arsenal of some state actors, but also have build-up complex resources to cover and deny their involvement, including using hackers and organized cyber crime networks as proxies (e.g “patriotic hackers“); IT&C companies, operating globally, could be used as attack vectors against nations

Cyber espionage operations are an essential part for state actors effort to reduce its dependency on foreign technologies and has the potential to supply cyber systems with subtle altered components

Romania has been confronted with state-sponsored cyber attack, operation Red October, investigated by SRI since 2011, as national authority in cyberintelligence, in cooperation with other national institutions with responsibilies like STS, SIE and CERT-RO and with foreign partners. The investigations revealed that hostile cyber entitites are aiming to obtain access to national strategic networks and gather intelligence


Cyber criminals are mainly aiming to obtain financial gains from online sales and banking systems, by means of cyber operations, employing a wide variety of methods, including phishing , spamming, social engineering, skimming, carding, as well as hacking techniques against targeted computer networks or personal workstations

Two major cases involving cyber crime attracted the public eye, operation PENE – organized crime group specialised in electronic frauds, comprised by 24 that defrauded almost 350 persons from the US, Canada and UK, causing losses of over 8mil. USD – and operation PĂUNESCU – a crime group led by Mihai-Ionuţ Păunescu whose purspose was launching cyberattacks against various financial/bancking institutions in the US, like United States Postal Services and Bank of America, causing losses of aprox. 240 mil. USD.


Next to state and crime involvement, hackers may have a large variety of motivations ranging from sheer misplaced (usually juvenile) assertiveness to some forms of ideological-type convictions

As justification for their acts, they promote the idea of free access to information or attacking (on political, social or religious grounds) certain official decisions, stances and acts

Romania was confronted with the actions carried by the members of Anonymous Romania who, starting January 2012, who launched a high number of cyber attacks against national public institutions. They have also been involved in initiating cyber attacks on foreign entities from the US, Czech Republic, Serbia, Poland and Brazil. Anonymous Romania also supported Anonymous International in attacking various IT systems outside Romania.


No unanimously accepted definition for cyber terrorism – against computer systems managing CIs, aimed to produce direct, large scale, and terror-generating effects – for all terrorism-related activities (propaganda, recruitment, communications, financing, gathering information)

No substantial indications of existing or imminent cyber terrorism capabilities to attack computer systems managing CIs

In time, can achieve sufficient know-how by specializing themselves or recruiting like-minded specialists

No evidence in Romania of such aggressions

Share this: