Bogdan Ivan, Minister of Digitalization: "Investment in the IT infrastructure of the Romanian state must be the zero priority"

The cyber attack on the Chamber of Deputies constituted a lesson from which the state authorities must learn and understand that the world has changed at a dizzying speed in recent years, said Bogdan Ivan, Minister of Research, Innovation and Digitization, yesterday, after the government meeting .

Bogdan Ivan stated: "When we talk about data security, about cyber security, we no longer have borders, because the Internet has no borders. And, from this point of view. the investment in the IT infrastructure of the Romanian state must be the zero priority".

The Minister of Digitalization stated that following the cyber attack on the Chamber of Deputies, 316 files were copied by hackers, of which 190 documents were scanned and 36 were editable, the total volume of data accessed being 300 Megabytes.

Bogdan Ivan said: "The content of these documents was predominantly public and concerned service contracts, institutional addresses, data from the budget, but also data that are not intended for the public, such as the copies of the parliamentarians' identity documents. We have the ability to recover all that data, because there is back-up, but also to ensure the security of the current system. At the moment, the competent institutions of the state are at the Chamber of Deputies to solve this security breach".

Regarding the incident that took place at the Chamber of Deputies, Minister Ivan also showed that the administration of the IT system was carried out under its own direction by the respective institution through the IT department, which assumed responsibility for the cyber security of its own website. His Lordship specified that, following the checks carried out in the last few days, it was found that the systems were not updated to the level of those existing today, on some computers at the Chamber of Deputies still running Windows 7 "which is a much outdated version", according to Minister of Digitization.

Bogdan Ivan also showed that after the cyber attack on the Chamber of Deputies, the DNSC website was subjected to a strong but unsuccessful attack by hackers.

Minister Ivan specified: "During the night from Tuesday to Wednesday, between 1:00 and 7:00 in the morning, the website of the National Directorate for Cyber Security was attacked with a weight of approximately 18,000 accesses per second. At the moment, the effects are null for the DNSC site. No files were copied, the site was not brought to a non-functional state, it works and is protected".

According to the government official, our country faces 25,000 cyber attacks every day and more than 90% of the cyber attacks that end up being successful are due to human errors: accessing a website that contained malware, opening an unknown link , opening an email received from an unknown address.

In order to keep cyber attacks under control, but also to respond immediately in the event of such a situation, the Government yesterday amended article 25 of law 58/2023 on cyber security and established the obligation of entities to inform the institutions within 48 hours at most to the state about the situations in which their IT infrastructure is affected, in order to identify, correct and avoid cyber security risk as much as possible.