Bosnia and Herzegovina investigating alleged ransomware attack on parliament

Prosecutors in Bosnia and Herzegovina are investigating a wide-ranging cyberattack that has crippled the operations of the country’s parliament.

For nearly two weeks, the website for the country’s parliament has been down, and local news outlet Nezavisne spoke with several lawmakers who said they were told to not even turn on their computers, barring them from access to their email accounts and official documents. 

A spokesperson for the prosecutor’s office of Bosnia and Herzegovina told The Record that they were assigned the case a couple of days ago.

“The prosecutor who was on duty on that date gave necessary instructions to officers in law enforcement agencies and the aim is to clarify all the circumstances of the case and to protect the cybersecurity of the IT system and the capacities of the institutions of BiH [Bosnia and Herzegovina],” spokesperson Boris Grubešić said. 

“The case is in progress and, therefore, we cannot give any other additional information at this stage.”

Zlatko Miletić, a delegate in the House of Peoples, told Nezavisne that it is impossible for lawmakers to get any work done and that the attack started around September 8 or 9. 

While the prosecutor would not say what type of attack it is, sources confirmed to Nezavisne that it involved ransomware. The Sarajevo Times reported that the main server of parliament was shut off after the attack.

“Users are unable to access the server, and the e-mail address and the official website are inactive,” a parliament spokesperson told the news outlet. 

Several lawmakers said part of why they were told not to turn on their computers was out of fear ransomware would spread to their device. 

Miletić was critical of the government’s cybersecurity experts, claiming “no one cared” before the attack. 

“There was enough time to buy adequate technical means, that is, to additionally protect those servers. They must understand that the field of security requires investment. There is no security without equipment,” Miletić told Nezavisne. “Those technical means are expensive, but we must inevitably acquire them. Not only the parliament, but all institutions that deal with storing various data. This is a good lesson.”

Another lawmaker, Dušanka Majkić, expressed concerns about data that could be found on government computers, noting that she had files on her device dating back to 2004.

The country is in the midst of political turmoil as concerns grow about secession efforts by Republika Srpska. If rumors of a ransomware attack are confirmed, this would be the latest incident this year to see ransomware groups exploit political disputes before launching an attack.

The now-defunct Conti ransomware group launched a devastating attack on Costa Rica that the new president called an attempt to “threaten the stability of the country in a transition situation.”

A ransomware attack on the government of Montenegro three weeks ago took place right as the current government was effectively removed from office by a no-confidence vote

Several other parliaments around the world have faced off against ransomware gangs and hackers in recent years. Just last week, the legislature of Argentina’s capital city dealt with a ransomware attack that crippled its internal operating systems and WiFi network.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Jonathan Greig

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.