Romania Says Government Institutions Face More Than 10,000 Cyberattacks a Day

What happened

Romanian government institutions are facing more than 10,000 cyberattack attempts every day, according to Defense Minister Radu Miruta, who spoke at a conference in Bucharest on Tuesday. Miruta said the attacks target a wide range of public institutions, though he did not identify which organizations are hit most often or name the groups behind the activity. He also said Romania is dealing with broader hybrid threats, including disinformation campaigns aimed at influencing public opinion. As one example, he pointed to false online claims in March that 800 wounded U.S. soldiers had been transported to a Romanian air base and would be distributed among hospitals in the country. Romanian officials have previously linked many cyber operations targeting the country to Russia, while warning that cyberattacks and information campaigns often overlap.

Who is affected

The direct impact falls on Romanian government institutions facing daily cyberattack attempts. The statement did not identify the specific agencies most frequently targeted, but it describes a broad public-sector threat environment affecting multiple state institutions.

Why CISOs should care

This matters because it shows a national-level threat environment where repeated cyberattacks and disinformation are being treated as part of the same wider pressure campaign. For CISOs in government and critical sectors, it underscores the need to think beyond isolated technical incidents and account for coordinated hybrid activity that can target both systems and public trust.

3 practical actions

1. Plan for hybrid pressure, not just technical compromise: Ensure security teams are prepared for cyber activity that may unfold alongside disinformation and other efforts to shape public perception.
2. Prioritize broad institutional resilience: Treat public-sector cyber defense as an environment-wide challenge when attacks are spread across many institutions rather than concentrated on one visible target.
3. Watch timing around political developments: Review whether cyber and influence activity tends to intensify around major policy decisions or geopolitical events that raise national exposure.

For more news about government cyber resilience and national security developments, click Cybersecurity to read more.