PODGORICA, Montenegro -- At the government headquarters in NATO-member Montenegro, the computers are unplugged, the internet is switched off and the state's main websites are down. The blackout comes amid a cyberattack against the small Balkan state that officials say bears the hallmark of pro-Russian hackers and its security services
The coordinated attack that started around Aug. 20 crippled online government information platforms and put Montenegro's essential infrastructure, including banking, water and electricity power systems, at high risk.
The attack, described by experts as unprecedented in its intensity and the longest in the tiny nation's recent history, capped a string of cyberattacks since Russia invaded Ukraine in which hackers targeted Montenegro and other European nations, most of them NATO members.
Sitting at his desk in Montenegro's capital, Podgorica, in front of a blackened PC screen, Defense Minister Rasko Konjevic said government officials were advised by cyber experts, including a team of FBI investigators that were dispatched to the Balkan state, to go offline for security reasons.
"We have been faced with serious challenges related to the cyberattack for about 20 days, and the entire state system, the system of state administration, and the system of services to citizens are functioning at a rather restrictive level," Konjevic told reporters.
He said experts from several countries are trying to help restore the Montenegro government's computer system and find proof of who is behind the attack.
Montenegro officials said the attack that crippled the government's digital infrastructure was likely carried out by a Russian-speaking ransomware gang that generally operates without Kremlin interference as long as it doesn't target Russian allies. The gang, called Cuba ransomware, claimed responsibility for at least part of the Montenegro cyberattack, in which it created a special virus for the attack called Zerodate.
Montenegro's Agency for National Security blamed the attack squarely on Russia.
Russia has a strong motive for such an attack because Montenegro, which it once considered a strong ally, joined NATO in 2017 despite the Kremlin's opposition. It has also joined Western sanctions against Moscow over the Ukraine invasion, which led Moscow to brand Montenegro an "enemy state" along with several other countries that joined the embargo.
"In such attacks, there are usually organizations that are a mask for state intelligence services," Konjevic said, adding that the defense ministry's NATO-related data is protected "in a special way" while the other possible leaks "are being investigated."
The cyberattack comes amid an apparent attempt by Moscow to destabilize the Balkan region that was at war in the 1990s through the Kremlin's Balkan ally Serbia, and thus at least partly shift the world's attention from the war in Ukraine.
Montenegro, which split from much larger Serbia in 2006, is currently run by an interim government that has lost parliamentary support because of Prime Minister Dritan Abazovic's shady deals with the influential Serbian Orthodox Church without the consent of the whole coalition that supported the government.
Montengro's roughly 620,000 people are deeply split between those who want the country to restore its close ties to Serbia and Russia and those who want it to continue on its path of the European Union membership.
"A real war is being waged in Ukraine, with bombs, a war of conquest by Russia," political analyst Zlatko Vujovic said. "Something similar is happening in Montenegro. There are no bombs, but there is a huge tension, a huge hybrid conflict in which the interests of Russia and its and Serbian intelligence services are interconnected."
Information for this article was contributed by Predrag Milic of The Associated Press.