Financial Crime World

Here is the article converted to Markdown format with proper headings, subheadings, and bullet points:

Government Upgrades Cybersecurity Measures: CERT Gov Designated as Governmental Centre for Response on Cybersecurity Incidents

Chisinau, Moldova - The Government of the Republic of Moldova has recently made significant amendments to Resolution No. 414/2018, designating the Public Institution “Information Technology and Cyber Security Service” as the Governmental Centre for Response on Cybersecurity Incidents (CERT Gov).

CERT Gov Responsibilities

According to the new definitions introduced by the resolution, CERT Gov is responsible for:

  • Ensuring the implementation of incident prevention and response policies in cyber infrastructures
  • Providing technical support for the exchange of information between various groups
  • Identifying, registering, classifying, and analyzing cybersecurity incidents

Departmental CERTs

The amendments also introduce the concept of Departmental CERTs, which are subdivisions or responsible persons appointed within public entities that own infrastructure and systems of information technology and communications. These Departmental CERTs will be responsible for:

  • Maintaining mandatory operational records
  • Reporting cyber security incidents

Data Protection

As part of the implementation of the measures provided for by the document, CERT Gov and public entities must process personal data in accordance with the legislation on the protection of personal data.

A Significant Step Forward

The move is seen as a significant step forward in the country’s efforts to strengthen its cybersecurity at the national level. The Republic of Moldova has been facing an increasing number of cyber threats in recent years, including malware infestations and ransomware attacks.

Cyber Threats in Moldova

According to data collected by CERT Gov in cooperation with Shadowserver Foundation and CERT-Bund, there were over 43,000 reports on malware activity in the country between 2015-2020, with government networks being targeted at a rate of 64.33%. The most common incident classes identified during this period included:

  • Vulnerable systems
  • Compromised systems
  • Botnets
  • Malware
  • Attacks

Ransomware attacks have been dethroned by unauthorized cryptocurrency mining activities, mainly through exploiting vulnerabilities in websites or network equipment.

Risks and Threats

The risks associated with cyber-attacks on IT & C infrastructures with critical values for national security remain exacerbated by the existence of technical, procedural, and human vulnerabilities.

International Cooperation

As part of its efforts to combat these threats, the Government of the Republic of Moldova is working closely with international partners to strengthen its cybersecurity capabilities. The country’s cybersecurity landscape is expected to continue evolving in the coming years as new technologies and threats emerge.

References

[1] Resolution No. 414/2018

[2] ENISA Report on Threat Landscape

[3] CheckPoint Global Malware Detections in 2019

[4] CERT Gov Annual Report 2020

[5] Shadowserver Foundation Malware Database