In 2025, the Central Electoral Commission and the Public Services Agency recorded more than 14 million cyberattack attempts in a single night. The number of cyber incidents reported by the Information Technology and Cybersecurity Service exceeded 1,050 in 2025, compared with approximately 430 in 2024.
On 6 July, the Information Security Students Association within the Faculty of Computers, Informatics and Microelectronics launched IRIS – Infrastructure Risk Intelligence System, a platform that scans institutional infrastructure and identifies vulnerabilities before attackers can exploit them. The project was developed over the course of about a year, in partnership with the Cybercor Institute.
“This is a very important project for the Republic of Moldova, and not only from a technical perspective. It is important for the country’s democratic resilience. Last year, the Republic of Moldova faced a major wave of cyberattacks at a time when our country was deciding its future.”
- Adrian Manole, President of the Association and a student in Information Security at UTM
As public digital services continue to expand, the attack surface has grown significantly. Institutions now manage more exposed data, more complex systems and, in many cases, limited resources to protect them. At the same time, each institution manages its own infrastructure separately, without a broader view of the overall security of the system.
“Each institution has its own servers and infrastructure, and we live in a disconnected environment, where no one really knows where they stand in terms of security,” explains Adrian Manole.
Ștefan Bîstrițchi, Vice-President of the Association, explains how the platform works: “You give it a starting point, such as a website or an IP address, and the platform explores on its own, thinking like an attacker: it identifies where an attacker could enter, what path they might follow, and documents everything for the analyst monitoring the process.”
“At the moment, artificial intelligence is used only to interpret information and support the analyst. Everything is done step by step; a report is generated and, most importantly, the tests are repeatable,” says Bîstrițchi.
Two interfaces are planned for the platform: one for an institution’s technical team and another for its management team, with the same data presented in less technical language.
The first pilot is currently running at UTM. In the longer term, IRIS is designed for any organisation that stores data or provides online services: government institutions, banks, energy providers, telecom networks and hospitals.
The launch of IRIS also comes in the context of a changing legislative framework. As a candidate country for the European Union, the Republic of Moldova is working to align with the NIS2 Directive, which regulates cybersecurity at the European level. Law No. 48 of 2023 established the Cyber Security Agency, the institution responsible for protecting the state’s digital infrastructure.
“For citizens to feel secure, they need to understand what is happening in their country, and that requires a certain level of transparency.”
- Adrian Manole
For now, the platform operates under the team’s supervision, in partnership with institutions that want to test it. In about a year, access is expected to open to state agencies and private companies. After that, the team plans to develop a version that would allow any citizen to see the state of the country’s digital infrastructure.




