The website of the Official Gazette (sluzbenilist.me) has not been operational for two months since the first cyber attacks on the information and communication infrastructure of the Government of Montenegro at the end of August.
From the Ministry of Public Administration (MJU), of which he is the head Marash Dukaj, told "Vijesti" that additional scans are underway and that the online edition of the Official Gazette should be online soon.
"Additional scans are being carried out on the website of the Official Gazette, and after a successful procedure, it will be available, expected in a shorter period of time", he answered the editors briefly. Dusan Polović, general director of the Directorate for Infrastructure, Information Security, Digitization and e-Services.
Laws and other regulations adopted by the competent authorities of Montenegro are published in the Official Gazette: the Constitution, constitutional amendments, laws, other regulations and acts of the Assembly, confirmed international agreements, decrees, decisions and other acts of the President and acts of the Council for Defense and Security, decrees, decisions and other acts of the Government, by-laws and other acts passed by ministries, decisions and other acts of the Constitutional Court, acts of the Judicial Council, judicial bodies, the Prosecutor's Council and the State Prosecutor's Office, for which it is determined by law... Judgments of the European Court of Justice are also published in SL of the court for human rights related to Montenegro, acts of regulatory bodies, other legal entities and entities (councils, commissions, etc.) adopted in the exercise of public authority, regulations of local self-government bodies...
At the end of last week, the Government portal (gov.me) was again unavailable for a short time, but the problem was solved within a few hours.
When asked by "Vijesti" whether they have changed anything since the first cyber attacks in terms of improving security, Polović said that "improvements are continuously made by implementing additional platforms for security".
Cyber attacks on the Government's IT infrastructure began on August 20 and, as MJU said at the time, they are the most intense ever against a country. The information system of the Assembly was also exposed to the cyber attack on the same day and the day after, from which they announced that "there was no damage to the data", that "it was not in offline mode and it functions stably at full capacity".
Various statements from the highest state addresses could be heard regarding where the attacks were coming from. The public administration department said that the attack "was not the work of an individual, but an organized group". After it was announced in the first days that the attacks might be coming from Russia, Minister Dukaj said that the international criminal group "Cuba Ransomware" (Cuba ransomware) is still in question. BIRN previously reported that, according to their sources, the attack came from within and that the malicious code was spread from a computer connected to a government server.
After the Government website and other websites under the gov.me domain were unavailable for days, the portal of the Central Register of Business Entities (CRPS, crps.me) returned to online mode on the ninth of September. Almost a month after the start of the attack, on September 18, the Government's website is back in operation. However, judging by the e-mail addresses they use in communication with the media, the official e-mails are not yet functional. Thus, the Government still communicates from the Internet address registered on the gmail.com service.
In this regard, the public administration department told "Vijesta" in September that by creating and using gmail e-mail addresses for communication due to a cyber attack, the Government and several of its departments violated the Law on Electronic Administration. According to that law, official addresses for electronic communication cannot be located on the information and communication infrastructure outside of Montenegro. Earlier, the Ministry of Justice said that they sent an appeal not to do this, and they did not make any decision that would regulate the creation and use of e-mail addresses until the recovery of those under the Internet label gov.me.
"The MJU did not pass a special Decision on the opening of e-mail accounts, which would be an exception to the application of the Law on Electronic Administration. On the contrary, the MJU appealed that the institutions that are under the gov.me domain do not open unique official addresses for electronic communication, which would be located on the information and communication infrastructure outside of Montenegro. Namely, the Operational Team for Countering Cyber Incidents considered the above-mentioned issue and in that direction created recommendations and measures, which will be delivered to the institutions as soon as possible, in order to "raise the awareness" of the institutions that even in such an emergency situation, for security reasons, the provisions must not be violated of the Law on Electronic Administration, which regulate the issue of unique official addresses and electronic communication. The Ministry of Justice is making efforts to make the unique official addresses of organs and employees in the organs functional and work processes easier, since during the resulting cyber-attacks the institutions were forced to use paper communication more," they told "Vijesta" in mid-September.
According to the Cyber Security Strategy from 2022 to 2026, which was published at the end of June, Montenegro does not have adequate mechanisms for detecting cyber threats, as well as mechanisms for a sufficiently quick response, i.e. recovery from cyber attacks. In addition, the lack of experts in the field of cyber security is recognized as a global problem, while in Montenegro, due to limited human resources, this problem is even more pronounced. It also says that the increase in the number of cyber attacks is expected, that this number will grow exponentially over the years, that attacks are becoming more complex and with greater consequences for the infrastructure, functioning of the public administration and citizens. It was also established that with the development of information technologies and the increase in their application, the range of threats to cyberspace is also increasing.
It was established that Montenegro needs an accelerated and comprehensive development of cyber capacities.
During the spring of 2023, based in the Science and Technology Park in Podgorica, the Regional Center for Combating Cybercrime and Cybersecurity should start its first activities.
See more:
Download the app and follow the news
FOLLOW US ON
