Search AFCEA Site

Enable breadcrumbs token at /includes/pageheader.html.twig

Moldova’s Mighty Mission to a Cyber Resilient State

Through progressive EU integration, the Eastern European country is heavily investing in cybersecurity and critical infrastructure via industry partnerships, education and awareness campaigns.
By Nuray Taylor
As it works toward European Union integration, Moldova is investing in its cybersecurity initiatives. Credit: Lalandrew-stock.adobe.com
As it works toward European Union integration, Moldova is investing in its cybersecurity initiatives. Credit: Lalandrew-stock.adobe.com

Having gained its independence following the collapse of the Soviet Union in 1991, Moldova is one of Europe’s poorest countries and is vulnerable to cybersecurity attacks. However, in the last few years, resources have grown, talent has evolved and is making strides in improving its cyber resilience and critical infrastructure security.

Situated between Ukraine and Romania, Moldova is a post-Soviet country with a population of about 2.4 million people. Numerous public reports have made it clear: Russia continues its attempts to interfere and destabilize sovereign nations through propaganda, disinformation, pro-Kremlin influence and, in the modern world, large-scale cyber attacks. The re-election of President Maia Sandu in 2024 marked a pivotal moment in Moldova’s history, demonstrating public support for joining the European Union.

Notably, the first regional cyber alliance between Ukraine, Romania and Moldova was established at the end of February.

“The alliance’s objective is to enhance resilience to cyber and hybrid threats through strategic coordination, knowledge exchange, deployment of advanced technologies, coordinated response to cross-border cyber incidents, and mutual support in safeguarding democratic values,” wrote Nataliya Tkachuk, head of the Information and Cyber Security Directorate at the Office of the National Security and Defence Council of Ukraine, in a LinkedIn post celebrating the milestone.

“It is important not only that we share a common enemy and face the same threats,” the post stated. “Even more importantly, we share common values and common understanding that only together can we strengthen cyber resilience in our region of Europe. Ukraine will make every effort, applying all our experience and expertise, to ensure this alliance is practiced, effective and results-oriented.”

“Since 2023, Moldova has [had] a new cybersecurity law that implements the legal framework of the European Union,” said Mihai Lupascu, referencing the NIS2 Directive, which mandates cybersecurity regulation for all EU member states.

Lupascu currently serves as the director of Moldova’s Agency for Cyber Security, or ASC, which was established two years ago. “Two years ago, I was all alone with a piece of paper saying that I’m the director of an entity that did not exist prior to that. It did not have any location, employees whatsoever,” he shared with SIGNAL Media.

“Now looking back, two years later, we have an office, I have 30 colleagues working for the same goal, and I see that there’s significant progress when it comes to establishing cybersecurity response capabilities within the country, with a strong focus on critical infrastructure,” which is ASC’s official directive of focus, Lupascu noted.

The last two or three years have seen Moldova invest in cybersecurity through legal frameworks and adjusted legislation—and more progress is forthcoming.

“Starting from this year,” Lupascu said, “we’ll see more practical projects and implementations of the legal framework.” Today, cybersecurity is considered part of Moldova’s national security and is additionally playing a role in the nation’s political agenda.

The war in Ukraine, which just marked its fourth consecutive year, has shown surrounding nations what hybrid warfare can mean. “The hybrid war can be fought on multiple fronts such as cyber attacks, misinformation, disinformation campaigns, manipulation of the society and the media, and so on,” Lupascu explained. “Nowadays, we see cybersecurity as a piece of a bigger puzzle.”

Politically motivated cyber attacks have become a new normal in Moldova, with high-velocity interference campaigns originating in Russia to influence recent elections.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

During the September parliamentary elections, members of parliament’s email accounts were hacked and leaked by malicious actors. Additionally, there were numerous instances of online impersonation, as well as cloned or fake government websites, with the purpose of discrediting trust in the national government.

“Imagine having an exact replica of the site with a slightly different name that is sending or communicating misinformation about the elections or the day or the addresses of the polling station and so on,” Lupascu said.

Moldova also faced distributed denial-of-service attacks. “Every time they managed to take down a service or a public website, they would take screenshots, and those screenshots would be multiplied and spread across different propaganda channels with this clear intention of ... sending the message that the government and institutions are weak and they cannot defend themselves.”

While response and recovery tactics vary based on the scale of attacks, a national incident response team does exist within ASC. The priority, however, is less on response and more on early detection and prevention, a much more efficient and cost-effective method to combat cyber threats, Lupascu noted.

Working with beneficiaries, ASC has specific vulnerability identification initiatives focused on critical infrastructure. Once a vulnerability is identified, the agency works with the beneficiaries to resolve the issue before malicious actors exploit it.

As the nation continues its path to cyber resilience—and an EU membership—public awareness and education are becoming top priorities.

With a strong IT industry already in place, education programs and curricula are beginning to shift to a cyber-centric focus.

For example, Lupascu noted, the Cybersecurity Excellence Centre was founded a year ago and is embedded within Moldova’s technical industry, the country’s largest sector.

While its mission is to provide specialized training for university students, it also offers awareness training for public servants. “We are trying to cover both aspects, the expertise, but also the more generic cyber awareness knowledge,” Lupascu added.

Training is provided by leading experts and institutions, including Carnegie Mellon University.

Additionally, Lupascu mentioned, the Moldovan government is incentivizing IT professionals by offering reduced taxes.

Historically, the Technical University of Moldova has been known for science, technology, engineering and math (STEM) programs, said cybersecurity professor and industry expert Natalia Bell, who also holds a doctorate in cybersecurity. “Despite having limited resources, they still did a great job aligning themselves with international standards in terms of STEM education,” she told SIGNAL Media. “Once cybersecurity came ... it just integrated with what they were already good at.”
 

Representatives from Ukraine, Romania and Moldova signed the newly established regional cyber alliance. Credit: Photo courtesy of the Kyiv International Cyber Resilience Forum
Representatives from Ukraine, Romania and Moldova signed the newly established regional cyber alliance. Credit: Photo courtesy of the Kyiv International Cyber Resilience Forum

Awareness is and will be key to Moldova’s cybersecurity progress, and integration into the European Union will play a significant role, Bell said.

“When [Ursula von der Leyen], the president of the European Commission, came to Moldova, cybersecurity was one of the priorities as part of the integration process,” Bell said. Moldovan President Sandu also continues her efforts to increase public awareness of cybercrime.

Most recently, Sandu released a video on the official government YouTube account, warning citizens of online scams, including deepfakes. In the video, she urges the public not to share banking information with unknown callers. “Hang up the phone,” she said, “call the phone number listed on the official banking website,” or the family member who supposedly contacted you. “Speak with your parents, your grandparents, your relatives, and share this message with them,” Sandu stressed.

Still, further education and awareness initiatives are necessary, Bell added, offering Romania as an example. Bell, who completed her bachelor’s and master’s degrees in Romania before moving to the United States, said the country has invested several resources and advanced its laws with cybersecurity and privacy in mind.

The close partnership between Moldova and Romania is an advantage, according to Bell.

“Moldova doesn’t have to reinvent the wheel, they have to look at what other countries did,” Bell said. “The European Union is so great because there are so many resources that they can offer.”

It’s important to note that Moldova’s official language is Romanian. As Romania is already an EU member state, many resources are available in its native language. “[Romania] takes EU legislation in terms of cybersecurity, privacy and so on, they have it as an umbrella legislation, and then they come and build their own local laws that match better with whatever needs they have,” Bell explained.

Similar to U.S. standards of operation, companies within Romania align themselves with internal federal laws and EU regulations. Better to learn from those with experience than start from scratch, Bell suggested.

Additionally, as Moldova continues its EU integration efforts, it is gradually taking steps to replace its Soviet infrastructure and to rebuild with security by design.

Cybersecurity, however, comes with a high price tag, Lupascu stressed. While recognizing the need for cyber resilience, Moldova’s small economy faces the challenge of investing in high-quality protection with a limited number of resources available.

During his interview, Lupascu mentioned his agency’s work with leading cybersecurity firms, including Cisco, Fortinet, Palo Alto, Cloudflare and CrowdStrike.

In many ways, Lupascu added, Moldova is treated as a testing ground by malicious actors before they duplicate their cyber attack strategies on other nations, highlighting the scale of cyber threats. Additionally, reliance on third-party providers can make it difficult to respond to attacks in a timely manner.

Finally, disruptive technologies such as artificial intelligence and quantum will only add to the complexity of the environment. “Nowadays, we see massive layoffs in the tech industry to optimize cost because we say, ‘OK, AI can be more efficient and with less cost,’” Lupascu said.

“Of course, to some extent, it might. In the short term, we might see a rise in productivity, but we feel, and it’s a known fact, that the quality of code has declined a lot. So, I see this as a time bomb that could lead to vulnerabilities in the years ahead.”

Comments

The content of this field is kept private and will not be shown publicly.
About text formats

Plain text

  • No HTML tags allowed.
  • Lines and paragraphs break automatically.
  • Web page addresses and email addresses turn into links automatically.
Enjoying The Cyber Edge?
The Cyber Edge is part of SIGNAL Magazine. Subscribe or join AFCEA to receive SIGNAL and its award winning news.
SUBSCRIBE NOW
LEARN MORE
JOIN AFCEA

Related Cyber Content