September 29, 2023

A number of distinguished authorities ministries in Colombia are responding to a ransomware assault that’s forcing officers to make vital operational modifications.

This week, the Ministry of Well being and Social Safety, the nation’s Judiciary Department and the Superintendency of Business and Commerce introduced {that a} cyberattack on expertise supplier IFX Networks Colombia had brought about a variety of issues limiting the power of each departments to operate.

On Wednesday, the Ministry of Well being and Social Safety stated it started going through points on Tuesday after IFX Networks advised them of issues affecting their information middle.

“As a result of cybersecurity incident, it isn’t potential to entry functions used for our mission and for the availability of providers on the nationwide degree,” the ministry stated.

“These functions are hosted in infrastructure contracted with IFX Networks Colombia. The corporate is investigating the state of affairs and figuring out when our providers will probably be reestablished.”

The ministry stated it’s within the strategy of implementing various mechanisms that can permit it to proceed serving the well being sector and decrease the influence of the assault. The company units coverage for the nation’s well being system, promotes varied well being initiatives and coordinates citizen care between varied business stakeholders.

On Thursday night, the Judicial Department posted a banner on its web site explaining that the positioning was down and that providers had been unavailable due to the assault on IFX. As a result of assault, the nation’s Supreme Court docket was suspending all hearings from September 14-20.

In a longer letter posted to social media, officers stated their IT workforce found the assault on September 12 and famous that it affected the complete division’s cloud infrastructure. They confirmed that IFX Networks reported a ransomware assault affecting a number of machines.

“Based on data offered by the expertise supplier, it isn’t potential to revive providers instantly,” officers stated, noting that somebody from IFX was summoned to their places of work on Wednesday.

“In mild of this data, the judiciary considers it essential to droop all the courtroom’s obligations.”

In an official doc signed on Thursday, the courtroom listed out the providers that might be suspended, together with most courtroom hearings, certifications, accreditations, short-term licenses, sanctions and extra.

Some in-person providers and hearings will nonetheless be held. If IFX is ready to restore providers earlier than September 20, the suspension order will probably be lifted.

On Friday, the courtroom released a followup message warning that courts are nonetheless functioning and conducting some previously-scheduled hearings.

The Superintendency of Business and Commerce — which manages the nation’s shopper rights establishment and market competitors organizations — printed its personal notices confirming it was affected by the attack and suspending some operations via Friday.

Different authorities businesses advised native information shops of points they confronted with expertise all through the week and a few residents have turned to social media to complain of points coping with departments. El Pais reported that the federal government doesn’t really know what number of entities are affected by the assault on IFX.

Acquainted ransom observe

No ransomware gang has publicly taken credit score for the incident however cybersecurity researchers with elHacker.web shared photographs from the RansomHouse hacking group indicating they could be behind the assault on IFX Networks.

The group, which has deployed a variety of ransomware strains over the past two years, not too long ago attacked Colombian healthcare supplier Keralty, in accordance with Bleeping Laptop. The ransom note in that assault is almost equivalent to the one shared by elHacker within the IFX incident.

Researchers at BetterCyber additionally advised Recorded Future Information that whereas monitoring RansomHouse’s Telegram channel, they’ve seen a number of individuals inquire in regards to the assaults towards Colombian authorities businesses.

An adviser for the nation’s president, Saúl Kattan, called the attack the “largest on infrastructure in Colombia lately” and criticized the nation’s legislature for failing by one vote to approve a brand new ministry that might concentrate on cybersecurity.

“That’s the reason the pressing creation of the Nationwide Company for Cybersecurity and Area Affairs is vital,” Kattan stated.

A number of nationwide governments throughout the globe have been crippled by ransomware assaults over the past two years, together with Costa Rica — which was paralyzed after it refused to pay a $20 million ransom to a Russian hacking collective in April 2022 — the Dominican Republic and most not too long ago Sri Lanka.

The assault comes the identical week because the U.S. Nationwide Safety Council urged the governments of a number of nations to pledge by no means to pay ransomware hackers.

Get extra insights with the

Recorded Future

Intelligence Cloud.

Study extra.

No earlier article

No new articles

Jonathan Greig

Jonathan Greig is a Breaking Information Reporter at Recorded Future Information. Jonathan has labored throughout the globe as a journalist since 2014. Earlier than transferring again to New York Metropolis, he labored for information shops in South Africa, Jordan and Cambodia. He beforehand coated cybersecurity at ZDNet and TechRepublic.