好的,我现在需要帮用户总结这篇文章的内容,控制在100个字以内。首先,我得仔细阅读文章,抓住关键信息。 文章主要讲的是罗马尼亚的国家水务管理局Romanian Waters遭受了勒索软件攻击。攻击影响了大约1000个计算机系统,包括GIS服务器、数据库、邮件和网络服务等。不过,关键的水基础设施运营系统没有受到影响,供水正常。 接下来,文章提到相关部门正在调查这次攻击的来源,但目前尚未确定攻击向量。威胁行为者使用了Windows BitLocker加密系统,并发出了勒索信息。当局建议不要与勒索者联系,以避免助长网络犯罪。 此外,文章还提到美国CISA和其他机构早些时候警告称,支持俄罗斯的黑客组织正在积极针对全球的关键基础设施。 现在,我需要将这些信息浓缩到100字以内。重点包括:Romanian Waters遭受勒索软件攻击、影响范围、关键系统未受影响、相关部门调查中、建议不与勒索者联系、以及CISA的警告。 确保语言简洁明了,不使用复杂的术语。同时,保持信息准确无误。 最后检查字数是否符合要求,并调整句子结构以达到最佳效果。 </think> 罗马尼亚水务管理局遭勒索软件攻击,约1000个IT系统受影响,但关键水运营业务未受波及。相关部门正调查事件原因,并计划将其基础设施接入国家网络安全平台。当局建议不要与勒索者联系。 2025-12-22 20:41:5 Author: securityaffairs.com(查看原文) 阅读量:1 收藏
Romanian Waters confirms cyberattack, critical water operations unaffected
Pierluigi Paganini
December 22, 2025
Romania’s national water management authority, Romanian Waters, was hit by a ransomware attack over the weekend.
Romanian Waters (Administrația Națională Apele Române), the country’s water management authority, suffered a ransomware attack over the weekend.
According to the National Cyber Security Directorate (DNSC), the incident affected around 1,000 computer systems across the central organization and 10 of its 11 regional offices. The attack disrupted IT assets, including GIS servers, databases, email and web services, Windows workstations, and domain name servers.
Authorities stressed that operational technology (OT) systems managing water infrastructure were not impacted, and water operations continue to function normally.
“The National Directorate of Cyber Security (DNSC) was notified on December 20, 2025 of a ransomware cyber attack on several workstations and servers belonging to the National Romanian Waters Administration and a number of 10 (out of 11) water basin administrations in the country, including Oradea, Cluj, Iași, Siret, Buzău.” reads the press release published by DNSC. “Due to this cyber incident, approximately 1,000 IT&C systems were compromised, including Geographical Information System (GIS) application servers, database servers, Windows workstations, Windows Server servers, email/web servers, and Domain Name Servers (DNS).”
Technical teams from the DNSC, Romanian Waters, the SRI’s National Cyberint Center, affected entities, and other authorities are actively investigating the incident and working to contain its impact. DNSC states that the Romanian Waters’ infrastructure is not yet connected to the national cyber protection system operated by CNC. Authorities have started the process to integrate it into CNC’s security platforms, which use advanced technologies to protect critical public and private IT and communications infrastructure from cyber threats.
Government experts who are investigating the incident confirmed that threat actors used Windows BitLocker to encrypt systems and issued a ransom note demanding contact within seven days. However at this time, the attack vector has not yet been identified.
DNSC reiterated its strict advice not to contact or negotiate with ransomware actors to avoid encouraging and funding cybercrime.
“We recommend that the IT&C teams of the Romanian Waters National Administration or the basin administrations not be contacted, so that they can focus on restoring IT services!” concludes the report
In early December, CISA, alongside the FBI, NSA, Europol’s EC3, and other global partners, warned that pro-Russia hacktivist groups such as Z-Pentest, Sector16, NoName, and the Cyber Army of Russia Reborn are actively targeting critical infrastructure organizations worldwide.
In early December, US CISA together with the FBI, NSA, European Cybercrime Centre (EC3), and various other cybersecurity and law enforcement agencies worldwide, warned that pro-Russia hacktivist groups, including Z-Pentest, Sector16, NoName, and CARR (Cyber Army of Russia Reborn), are targeting critical infrastructure organizations worldwide.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Romanian Waters)
如有侵权请联系:admin#unsafe.sh