The Brazilian Ministry of Economy has disclosed a ransomware attack that hit some of National Treasury’s computing systems. The government reports that the threat was contained after the attack was detected.
“Containment measures were immediately applied, and the Federal Police called”, the Brazilian government stated.
An additional notification, issued with the Brazilian Stock Exchange today indicates that the attack did not affect “in any way” the operations of Tesouro Direto – a program that enables the purchase of Brazilian government bonds by individuals, as reported by ZDNet.
Following the attack, the police began an investigation immediately after the containment measures were applied. Security specialists with the National Treasury Secretariat and the Digital Government Secretariat are still investigating the extent of the breach.
Looking into the issue for Digital Journal is James Carder, CSO of LogRhythm.
According to Carder, this is another sign of the forward advance of ransomware. He notes: “Ransomware continues to be a prolific threat to local, state and federal governments of any size. Unfortunately, governments will continue to be sought-after targets for hackers because of the public nature and significant impact, the plethora of rich information that can be leveraged, and the often-inferior defenses that allow easy exploitation.”
Another reason why governments and some big organizations struggle is due to a shortage of resources. Carder analyzes: “There is a shortage of people, process, and technology in most governments and their agencies, which is leading to more vulnerabilities and increased risk and susceptibility to cyber-attacks like ransomware.”
As a safeguard, greater awareness is needed within the state sector. Carder finds: “Government entities need to recognize that the possibility of a ransomware attack is only increasing with time and take pivotal steps to successfully prepare for a ransomware attack and ensure continued, uninterrupted support to their citizens.”
Using this as a preventative action, Carder outlines the defensive steps that must be taken. The actions required are: “To prepare, organizations must patch aggressively, limit privileged access, create backups, prepare a response plan, prioritize educational training and consider cyber insurance.”
This needs to be backed up by sufficient state funding, however. Carder lays this necessity out clearly: 2Above all, cybersecurity needs to be properly funded to prevent attacks on governments as they are a matter of when, not if. As with anything in life it’s about how you can respond to these attacks and that’s not something organizations want to do without practice and a plan.”
Earlier in 2021, Brazil’s largest medical diagnostics company called Grupo Fleury suffered a debilitating ransomware attack that forced it to take systems offline and initiate restoration operations.