Financial Crime World

Moldova’s Cyber Vulnerability: A Threat to the Region

As Ukraine continues to battle against Russian cyber operations, Euro-Atlantic policymakers are increasingly concerned about anticipating and denying future national cyber incidents elsewhere. One country that finds itself in a precarious position is Moldova, a small nation bordering Ukraine that has been a target of increasing cyber attacks.

A History of Cyber Attacks

Moldova’s cyber defenses have been repeatedly breached in recent years, with attackers exploiting vulnerabilities in the country’s critical infrastructure and public sector. In 2020, a large-scale cyber attack disrupted Moldova’s banking system, causing significant financial losses. Since then, the country has faced numerous smaller-scale attacks, including phishing campaigns and ransomware assaults.

Key Events

  • 2020: A large-scale cyber attack disrupted Moldova’s banking system, causing significant financial losses.
  • Phishing campaigns and ransomware assaults: Moldova has faced numerous smaller-scale attacks since 2020.

International Support

Recognizing the threat to Moldova’s national security, international partners have been providing long-term cyber capacity building (CCB) activities to help strengthen the country’s defenses. The Estonian e-Governance Academy has supported legislative, strategic, and organizational reforms over the past decade. Additionally, Czechia and Romania have commenced bi-lateral cyber-assistance programs with Moldova, aiming to enhance cyber resilience through information-sharing, strengthening government capacities, and encouraging cross-border public-private partnerships.

International Partnerships

  • Estonian e-Governance Academy: Provided support for legislative, strategic, and organizational reforms over the past decade.
  • Czechia and Romania: Commenced bi-lateral cyber-assistance programs with Moldova to enhance cyber resilience.

EU Support

Since the onset of war in Ukraine, there has been a significant increase in CCB activities. In May 2022, the EU launched the Moldova Cybersecurity Rapid Assistance program to improve cyber resilience across the public sector and key critical infrastructure sectors. The project aims to develop diverse capacity outcomes, including adjusting the normative-legislative framework of cybersecurity, increasing societal awareness and hygiene, and developing targeted technical skills.

EU Initiatives

  • Moldova Cybersecurity Rapid Assistance program: Launched in May 2022 to improve cyber resilience across the public sector and key critical infrastructure sectors.
  • Capacity building activities: The project aims to develop diverse capacity outcomes, including adjusting the normative-legislative framework of cybersecurity.

Filling the Gaps

Significant international support for Moldova’s cyber resilience demonstrates an acknowledgement that effective cyber defense is best built before a large-scale incident. While existing preparations cover many areas, targeted activities can still move the needle. Further international support should prioritize three actions with a sense of urgency:

Urgent Actions

  1. Prepare and maintain a list of Moldova’s immediate operational needs: CERT-GOV-MD and an external technical body should prepare and maintain a list of Moldova’s immediate operational needs in case of a national cyber incident.
  2. Undertake “Hunt forward”-style operations: “Hunt forward”-style operations should be undertaken on Moldova’s networks to identify existing vulnerabilities and any attackers that have compromised Moldovan networks.
  3. Fast-track Moldova for involvement in NATO’s CCDCOE exercises: Moldova should be fast-tracked for involvement in NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) exercises.

Conclusion

Moldova’s cyber vulnerability is a threat not only to the country itself but also to regional stability. As international partners, we must prioritize long-term capacity building and targeted activities to strengthen Moldova’s defenses. By working together, we can help prevent future cyber incidents and ensure the security of this critical region.