Romania’s national water management agency has been targeted by cybercriminals. The attackers exploited a Windows feature called BitLocker to lock out a large portion of the company’s computer systems.
The National Directorate of Cyber Security (DNSC) was notified on December 20th, 2025, that the Romanian National Water Administration had been hit with a cyberattack that took approximately a thousand IT systems out of commission.
After hitting the main office, it also spread to ten of the country’s eleven river basin management organizations.
According to Romania’s cybersecurity agency, geographical information system applications servers, database servers, Windows workstations, Windows Servers, email and web servers, and domain name servers (DNS) are all affected.
Operational technologies are not affected, meaning that the water company remains open. However, orders to run the place are only being done using voice communications. The website remains offline.
Preliminary findings show that the attackers exploited a legitimate encryption mechanism called BitLocker to encrypt the water company’s files.
BitLocker is a built-in encryption feature introduced with Windows Vista. It encodes the data on the hard drive, so it cannot be read without a key.
The attackers left a ransom note demanding to be contacted within seven days. The Romanian cybersecurity agency stresses that its “policy and strict recommendation” is that victims neither engage nor negotiate with cybercriminals.
The technical teams within the DNSC, the Romanian National Waters Administration, the Romanian Intelligence Service (SRI), the affected entities, and other state authorities are currently investigating the incident.
Romania’s national water management agency wasn’t protected by Romania’s system for safeguarding critical national infrastructure. But that will soon change.
“The necessary steps have been initiated so that this infrastructure is integrated into the systems developed by the National Cyberint Center (CNC) to ensure cyber protection for both public and private IT&C infrastructures with critical values for national security, through the use of intelligent technologies,” the DNSC promises.
Your email address will not be published. Required fields are markedmarked