Chilean government warns of Black Basta ransomware attacks after customs incident


The Chilean government warned of ransomware attacks by a notorious hacker gang after its customs service handled an incident on Tuesday.

Officials from Chile’s Servicio Nacional de Aduanas – the government department responsible for foreign trade, imports and more – said Tuesday afternoon that they had managed to prevent the progression of a cyberattack after discovering the incident .

“After detecting a security incident on our IT teams, we took all the necessary preventive measures to avoid exposing our IT teams and systems to possible vulnerabilities,” they specify. said on several social media sites.

“All security measures and protocols established by the Ministry of the Interior and Public Safety’s Computer Security Incident Response Team (CSIRT) are already in place. Thanks to the work of our IT teams, this incident will not affect the operational continuity of the Service and we are taking all necessary measures to continue operating at the various checkpoints across the country.

In a follow-up message, the country’s Computer Security Incident Response Team (CSIRT) confirmed it was a ransomware attack and clarified that the incident involved the Black Basta ransomware group – which added dozens of new victims on its leak site this week.

The CSIRT warned all government authorities in the country that the ransomware had been detected “in a limited part of the digital infrastructure of the National Customs Service”.

They urged all government agencies to verify that backup copies of systems are protected and separated from the rest of the network. Agencies must also audit the number of administrative accounts and, more generally, limit the number of people with administrative authorizations.

They proposed a series of other measures that should be taken as the government continues to monitor the network for any signs of further attack.

Chile has faced several cyberattacks and ransomware incidents over the past year. The CSIRT said last August that an unnamed government agency had been affected by the ransomware campaign. target Microsoft tools and VMware ESXi servers while their consumer protection agency announced that it was also hit by ransomware in April 2022.

The Large Millimeter Array at Atacama, one of the largest astronomical observatories in the world, was also hit by a cyber attack last year. Although it has never been confirmed, a ransomware gang leak documents stolen from the Chilean army in June.

The attack comes as U.S. officials ready to get together a ransomware task force was created later this month, made up of representatives from 45 countries. Top Biden administration officials want countries to commit to never paying ransoms associated with ransomware attacks.

Get more information with the

Future saved

Intelligence cloud.

Learn more.

No previous articles

No new articles

Jonathan Greig

Jonathan Greig is a breaking news reporter at Recorded Future News. Jonathan has worked as a journalist around the world since 2014. Before returning to New York, he worked for media outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

Leave a comment